buscadordetesoros.znice.info Open in urlscan Pro
2606:4700:3033::ac43:d4c1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://buscadordetesoros.znice.info/
Submission: On November 23 via api (November 23rd 2023, 2:59:28 pm UTC) from US — Scanned from US

Summary HTTP 167 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 1 countries across 14 domains to perform 167 HTTP transactions. The main IP is 2606:4700:3033::ac43:d4c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is buscadordetesoros.znice.info.
TLS certificate: Issued by GTS CA 1P5 on October 25th 2023. Valid for: 3 months.

This is the only time buscadordetesoros.znice.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700:303... 2606:4700:3033::ac43:d4c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::71	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
21	2607:f8b0:400... 2607:f8b0:4004:c07::84	() ()
22	2607:f8b0:400... 2607:f8b0:4004:c1d::95	() ()
4	2607:f8b0:400... 2607:f8b0:4004:c17::9b	() ()
9 12	172.253.115.156 172.253.115.156	() ()
6 12	104.18.36.155 104.18.36.155	() ()
9 12	68.67.160.75 68.67.160.75	() ()
6	18.238.4.98 18.238.4.98	() ()
6	172.253.115.148 172.253.115.148	() ()
1 2	2607:f8b0:400... 2607:f8b0:4004:c1d::93	() ()
2	99.81.27.48 99.81.27.48	() ()
167	19

28 2606:4700:3033::ac43:d4c1 (United States)

ASN13335 (CLOUDFLARENET, US)

buscadordetesoros.znice.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::71 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4004:c07::84 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4004:c1d::95 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::9b (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.253.115.156 (None, ) 9 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.36.155 (None, ) 6 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 68.67.160.75 (None, ) 9 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.238.4.98 (None, )

ASN- ()

bucket.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.115.148 (None, )

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::93 (None, ) 1 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.27.48 (None, )

ASN- ()

neural40.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com	519 KB
29	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net ad.doubleclick.net	165 KB
28	znice.info buscadordetesoros.znice.info	612 KB
22	2mdn.net s0.2mdn.net	4 MB
19	gstatic.com fonts.gstatic.com www.gstatic.com	277 KB
12	adnxs.com 9 redirects ib.adnxs.com	9 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com	7 KB
8	cdnwebcloud.com bucket.cdnwebcloud.com neural40.cdnwebcloud.com	19 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	4 KB
4	googletagservices.com www.googletagservices.com	255 KB
2	google.com 1 redirects www.google.com	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	263 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	78 KB
0	Failed function sub() { [native code] }. Failed
167	14

	Domain	Requested by
28	buscadordetesoros.znice.info	buscadordetesoros.znice.info
26	pagead2.googlesyndication.com	buscadordetesoros.znice.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
22	s0.2mdn.net	buscadordetesoros.znice.info s0.2mdn.net
21	tpc.googlesyndication.com	googleads.g.doubleclick.net buscadordetesoros.znice.info tpc.googlesyndication.com pagead2.googlesyndication.com
16	fonts.gstatic.com	fonts.googleapis.com
12	ib.adnxs.com	9 redirects googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net buscadordetesoros.znice.info
6	ad.doubleclick.net	buscadordetesoros.znice.info
6	bucket.cdnwebcloud.com	s0.2mdn.net buscadordetesoros.znice.info bucket.cdnwebcloud.com
5	fonts.googleapis.com	buscadordetesoros.znice.info googleads.g.doubleclick.net s0.2mdn.net
4	www.googletagservices.com	googleads.g.doubleclick.net buscadordetesoros.znice.info
3	www.gstatic.com	googleads.g.doubleclick.net
2	neural40.cdnwebcloud.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	buscadordetesoros.znice.info
0	bpggmmljdiliancllaapiggllnkbjocb Failed	buscadordetesoros.znice.info
167	19

This site contains no links.

Subject Issuer	Validity	Valid
znice.info GTS CA 1P5	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cdnwebcloud.com Amazon RSA 2048 M03	`2023-08-23` - `2024-09-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://buscadordetesoros.znice.info/
Frame ID: E351F2E7D29CFB048F21B7B2F3289D61
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 996B5AC5891F155D21D064B65C77AADB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7330067866221924&output=html&adk=1812271804&adf=3025194257&lmt=1700741108&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fbuscadordetesoros.znice.info%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700751554866&bpp=4&bdt=301&idt=382&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=698192591006&frm=20&pv=2&ga_vid=1692980031.1700751555&ga_sid=1700751555&ga_hid=1841735109&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079518%2C31079605%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809053&oid=2&pvsid=221451752236677&tmod=1707700883&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=432
Frame ID: BC66277190C05D52E252193E03BF9648
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html
Frame ID: 412115185B81EF5D8FEDF2AE3EAA8879
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html
Frame ID: 861BBF00837F0032E403B29D2D838AE0
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html
Frame ID: 6FCD508C9031BA8C6DF0201701128187
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html
Frame ID: C45643A58FD336904FE29DADCC68E66C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNVL-GiaxmeBxM-m6VUaIfMN5rsFD2mtWvypqBiMo-0XAhKD7P51lXGD9C-53MvYQmUftxMHWzJhjvhpVR7m7f48YuoPEA
Frame ID: 9F4BEBFCBF34789C67E9E8A6C4459193
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNV5nFJETW2TH-ev0Uqb2YLlehqnTogp6j7_NYTJIxY2ZVK-LXHvN0ufBCySbUMgTJbf-G_Un5OblR_3ETIeOOO7kWj7Mw
Frame ID: C9795C2AC5DFE68C0705F7F5FA3A98FE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Yw63w5QEwAQ&v=APEucNXOpeUDXpi-yG98s5-0uErq1exYise5rf8FIUAFNTXFx-QNSwGwrjavMzzNXmJFKWnDr2vA9nH5U0Ow2Fo_OPAFkFIRMQ
Frame ID: BCF236046496F87578356BCD2C2B9233
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: C5336BEF17684470C15574E1FDD241E4
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 82F3DB906C45E7FD4F08FEC90BC57EC4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D6DC4752AA0FDBE2EB01CCAD734A1E94
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 86736A914A228ED078B46776F3A4BDC6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
Frame ID: D2C8C7E7B123C02E7AE353F022549EC4
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 397FCCE69697A8EABDAEDDD0CA3A82EA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
Frame ID: 0391CFF495FAC252F0EF6DD41FBD514E
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A49A96B9FB9DD225237C4D110295E7E6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/index.html?ev=01_250
Frame ID: 8AD65460E54A4C1B3485537624B1920C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 6948F6C7B1F0521F6907C7461628516D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B1A08162B85DCF19172024980506ACC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3CD57B5F51D007622448ADB02B1AEE35
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

buscadordetesoros -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

167
Requests

92 %
HTTPS

67 %
IPv6

14
Domains

19
Subdomains

19
IPs

1
Countries

6308 kB
Transfer

9328 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1

Request Chain 87

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV9oxavHUV2C9jF-UI91MgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOu2-xBLi2OdUgpMB-EtxwU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1

Request Chain 89

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEwNTc3OTc0MjY0NzcxODI4Mg%3D%3D

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1

Request Chain 91

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV9oxavHUV2C9jF-UI91MgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOu2-xBLi2OdUgpMB-EtxwU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1

Request Chain 93

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEwNTc3OTc0MjY0NzcxODI4Mg%3D%3D

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV9oxXcKuAay8ExqCt.R1wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1&google_hm=2

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOu2-xBLi2OdUgpMB-EtxwU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1

Request Chain 97

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwMjU1MzY0Mjg0NDk4MTc4MQ%3D%3D

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

167 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
buscadordetesoros.znice.info/ 58 KB
15 KB 342ms
209ms Document
text/html 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b894a4d460bb7679a1bda215952ddea1ab6c60591353451fd315daf8a281465

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82aa465ecdc3b3c1-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 14:59:14 GMT
last-modified: Thu, 23 Nov 2023 12:05:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULruTt9Lhbz1kCyx%2BkVKUzOZkmB2a43L3ZgRNPuYIOla7pDVMIcBztOJazA8VOD1EOxrmyBV0EZItgRe1mZ04rVY263QbxZG22StKxhG7A7FmIwcGwS3Nve%2Fd3Nj4jf6q%2BURQpgdCuiG3oUCNuaOfGHdy7IUD68VSejS"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 198ms
86ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7330067866221924

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08f4be8335f82926e09852c42238ebf0ced03e2840d59d4801b666c7421a0b2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buscadordetesoros.znice.info/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52744
x-xss-protection: 0
server: cafe
etag: 6281438079355700854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 14:59:14 GMT

GET
H2 200 style.min.css
buscadordetesoros.znice.info/wp-includes/css/dist/block-library/ 107 KB
15 KB 44ms
40ms Stylesheet
text/css 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 05:50:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 370294
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40AIjoHF4E0wfPoALd%2FRbBLsV9Ej4Jpf0uAKIjRKlYKVr5Ih%2BIXruxCVUWWVGHbOzXjseVWb3iiBoWoDZ7XYGWo5edw6UXDbMBsOOA6j9TYbeblgYZRTX2%2Fj9MmbqPsdy6RVD5I8oQxvWRIHpEJzjMBYnLGgIPv2Gv1i"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 82aa46602f41b3c1-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 08:07:40 GMT

GET
H2 200 font-awesome.css
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/css/ 35 KB
7 KB 42ms
39ms Stylesheet
text/css 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/css/font-awesome.css?ver=6.4.1
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 173547
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHbP1wppafMVMV%2FjZqBzbFblmlVrPt%2F7jWlGRr4Skzll3yJ%2FdCIeT0s9aXh1gMobwqrdg3MtnL6VT4ima1qOmE67fs6y%2F8Gvt1urMCENb7risbUfUfFus3Zglwjl5WojeH%2BKYtCNrhaHMVBpnAL0HmXoxO8GeU8AB%2FE2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82aa46602f44b3c1-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 14:46:47 GMT

GET
H2 200 genericons.css
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/genericons/ 154 B
489 B 37ms
34ms Stylesheet
text/css 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/genericons/genericons.css?ver=6.4.1
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 198057
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqTl32djo8vxalL72HMIrNECCmEnqGgWiI5PdknOI6GXXVPdbbiCe5JfdbLpaSbmn%2Fw5w6JPlPonm8t3DCivzja8af75FOasmt6JJYAf9kkZDuQALQYJaebFf9Z6S7DP%2F2d0u5p2p%2FfKTbWm9TS3Tup%2BRhZXexiPBDwS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82aa46602f45b3c1-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 07:58:17 GMT

GET
H2 200 style.css
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/ 66 KB
14 KB 67ms
64ms Stylesheet
text/css 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/style.css?ver=20221205
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c3bb5ec2523ac6d5a9a5da20ab9e7905fc8aad492900e446f10d6c11be2bd1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 472183
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4v3BQELTcmSVS5tZ36HJPfGM7A6PMAf82vpjlUxMhu8GTwYU4PtE%2F4npaPzAMgkeum%2BswFInYQGiTsn0jDerRrxlmcY%2BMWsUHGYvmTozrZDNFO30vbm8A5spEPNX4v3Gz8BcdLRoq7ZXrRYUYtFIYOyT0nNA%2BFC%2FM3S"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 82aa46602f46b3c1-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 03:49:31 GMT

GET
H2 200 responsive.css
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/ 9 KB
2 KB 38ms
35ms Stylesheet
text/css 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/responsive.css?ver=20221205
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30de076dc026e18d1de9628ef1f179fbda181ced8ce1ff6b27c51afb9e1906f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 196410
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YOznMF8RfQHNAkdlwcESoMFKpJuLMJ0VW82XikhLT0c1Z%2FM31N5ElegMfIajT6W0SubB2Ql6YIc5g8Ln72druJ5cXK7ZsE7SVjmfDpZo0qjnLGzoGs9Wn7oaSDc9kQhe09OhXf%2BZCuUb3B47dnhgUwx1ZjzdXhM62vU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82aa46602f47b3c1-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 08:25:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 169ms
60ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a92aed3683d448908e52d5b2a0fc8195a8872c5e60958f637d5a7eaf00f56675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 14:20:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 14:59:14 GMT

GET
H2 200 jquery.min.js Show response
buscadordetesoros.znice.info/wp-includes/js/jquery/ 86 KB
31 KB 65ms
64ms Script
application/javascript 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 05:50:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 472182
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FwRpIYqaAJd6KsYEasyKVj1skmISVfZfSrTdHbBWfZED8LSMOwUsfM7curvzIzGRkHwd%2Bq2WNQ5OiEToyWq0%2FXNB8GvZL%2FZqE4A9fNiY5mNcj%2Bml2Y2JNJ9xF7XbUJrhx9SflROLqx6dqW5cgcrgl4dhYFNCEHABoMk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 82aa46602f49b3c1-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 03:49:31 GMT

GET
H2 200 jquery-migrate.min.js Show response
buscadordetesoros.znice.info/wp-includes/js/jquery/ 13 KB
5 KB 38ms
36ms Script
text/javascript 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Aug 2023 21:49:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3007
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsGsZT1WStkKGEBr%2Fw6syPmp3p543VTH4onLKBAi6yVwfIUvb58nZJo%2BRy6An1exnzAxeW2WXMwatAkyTyB65kXP04lm0Hdy9M2HFIY3owch%2BIl%2F%2FmT3a%2Fb9b5%2F9ulsl0d3OZA9VRPE1fe%2BqkGxzfzs72gY%2F06fMGIje"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 82aa46602f4ab3c1-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
78 KB 198ms
69ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-NFBT8HZ

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6297b49ce074c9ef4f74bb1a751e6062b7ec575c48cabc71d78beec2537c3308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 14:59:14 GMT

GET
H2 200 item-161992213786656424445-300x300.jpg
buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/ 14 KB
15 KB 42ms
41ms Image
image/jpeg 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/item-161992213786656424445-300x300.jpg
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30e841cab39011ce11e3edaf1936874d8879d5cfc03d262a3245b5b94f0da272

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 267414
alt-svc: h3=":443"; ma=86400
content-length: 14677
last-modified: Wed, 15 Nov 2023 04:02:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibCI93Wclo%2BLnkwG4%2FYWUIomhW5dn0%2BaNFGU3AJBne7lxILy0c7hUHaAZ1yrA%2FGDhIkYW7AE5kWmAMbcphSL4IyVHDlqk9%2Bcq3Finrlx2Sc7BfhAQm3aNMG%2BrTKAbEuUf9uXEQJlmCehb3AzL8e7K3t7rjLtsZZAHiel"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82aa46602f4cb3c1-MIA
expires: Mon, 27 Nov 2023 12:42:20 GMT

GET
H2 200 Gold-q-148-300x300.jpg
buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/ 29 KB
29 KB 38ms
37ms Image
image/jpeg 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/Gold-q-148-300x300.jpg
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a08b0d839953de4b16a97c0089be54524b6b55ff2518b7f18aacd10e774c0ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85827
alt-svc: h3=":443"; ma=86400
content-length: 29575
last-modified: Wed, 15 Nov 2023 04:02:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nx6bhjM%2FBT3tatdP6GJOf1UuL%2F4J3%2F5AldEhUr%2FlcAh2X6u6D93LqJIUEq87vF9qBXIVm660KILRqQLmQtALpiKJb%2Fo84WNBmLJKkEt7qRG%2BrMeVEUr9ux3jFORdz2W3ydK4wWdRxUf7TPespsUr8hm7iLKxZqr4bXZc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82aa46602f4db3c1-MIA
expires: Wed, 29 Nov 2023 15:08:47 GMT

GET
H2 200 images1042576_3-300x300.jpg
buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/ 29 KB
29 KB 55ms
54ms Image
image/jpeg 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/images1042576_3-300x300.jpg
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6784f61c55c8f5ef533149642451a6cb518bfb63db412131331882c728733a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 250254
alt-svc: h3=":443"; ma=86400
content-length: 29387
last-modified: Wed, 15 Nov 2023 04:02:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBwBZ7fgC3JHFiyqJ4EpYwJxgwmqXRO9NOCWwnvNzcJjYyxBO%2FQEQfgmrO8CzGHZW%2Fba6t9uEmNTNEoOO7bIqD2uEm%2Fl103TXI2HLQFDvdmKUFRn1oIVinrlGvHz%2BLz7TRJ5RVwbKMksEhispOiumJHbZevTlIF7OOYr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82aa46606fb6b3c1-MIA
expires: Mon, 27 Nov 2023 17:28:20 GMT

GET
H3 200 VideoScreenshot-YouTube-WeFoundAHugeTreasureBackedByAVenomousSnakeSoPreciousAndRare-1510-300x300.jpg
buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/ 29 KB
29 KB 186ms
186ms Image
image/jpeg 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/VideoScreenshot-YouTube-WeFoundAHugeTreasureBackedByAVenomousSnakeSoPreciousAndRare-1510-300x300.jpg
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9812780a6b94e3ec7bebc5347cf06203ba6ddbf32a998efecce888fa02ce9b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 04:01:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtPnkzQtc4qxKNgMkxicZeWDHDmLTci1eti3w7QKu%2Flbue9pp%2BK1K3zmpopKr4Pej94P3BgU1waxekFkN9zsAxvrsXKOeSdqnYEUguT0slDhIQiCBnb11wZKQCf%2FL37My%2BEUPOEwaIoMfVja3YUg481F7t2TKbRPmoXD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82aa46609d834c20-MIA
alt-svc: h3=":443"; ma=86400
content-length: 29336
expires: Thu, 30 Nov 2023 14:59:14 GMT

GET
H3 200 experience-the-enchantment-of-new-zealands-firefly-caves-a-glittering-adventure-48402-3-300x300.jpg
buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/ 15 KB
16 KB 184ms
183ms Image
image/jpeg 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/experience-the-enchantment-of-new-zealands-firefly-caves-a-glittering-adventure-48402-3-300x300.jpg
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f12dd342f85833d794cbe0d86b7dfdb7330589a2d5736a07f32c166185225925

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 04:01:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhLfhhPe%2BaD2t903QDoGHL6n%2FmUYz%2FiRKFF3mq96roEVhjXOS1PLIxShdXqnhFZINgNyU%2BG%2FMO6txvisP1VeVXLjRbOsfNqTbmjorvYcKVC3Eyto34pJEqGeDRj4Mc1jx1fQiWYZMA2%2Fqf8c4xy4Iok7XVh%2F%2FuKAJ3Vs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82aa4660cdba4c20-MIA
alt-svc: h3=":443"; ma=86400
content-length: 15766
expires: Thu, 30 Nov 2023 14:59:14 GMT

GET
H3 200 ML004214_2_E-300x300.jpg
buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/ 14 KB
15 KB 145ms
134ms Image
image/jpeg 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/ML004214_2_E-300x300.jpg
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8f6cc8d212c1c81c7dded25fe1bff7294ecad0cc912446de14e675388580df2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 04:01:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9I2HIdoEmQHshfgcMl3yzAid08hLrXPUbtYp15GSCJ8KPdjTCBySQJbXm1XCljxEU8Fs%2BRvJtWkbm%2F3HWj8ybF%2FtG1fJn4lgTnwFDReJqfNIVuIQXY7AK4x7iT3sbILSQ7dhdj7PhYP7DtHXR0DrH%2BlRlxD2mFH2tpq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82aa46616e734c20-MIA
alt-svc: h3=":443"; ma=86400
content-length: 14583
expires: Thu, 30 Nov 2023 14:59:14 GMT

GET
H3 200 3-10-300x300.png
buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/ 182 KB
183 KB 206ms
195ms Image
image/png 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/3-10-300x300.png
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 981f4081368070691c18cf4ad14efddb8a173d750cdfd8823f7c94297f50cfbe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 04:01:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HABfqLH8ZRgqMljBTiF8BOBQMHCJ%2FxrGd%2FV8JOi1ZQafjwY%2FmFXhES%2FQpivsfb%2FQ%2BHzSDLF%2BDl7215tQjSKB7WMIUnZuGkEIc6ZTGCeANWOwSZb%2BYeH7Kr1rSbUZditndv7osTJBjS%2F6P3FCvPJnL3vKIFbBc7ynTY7S"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82aa46616e744c20-MIA
alt-svc: h3=":443"; ma=86400
content-length: 186495
expires: Thu, 30 Nov 2023 14:59:14 GMT

GET
H3 200 DoHkl9lXoAAEi-J-300x300.jpg
buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/ 27 KB
27 KB 161ms
152ms Image
image/jpeg 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/DoHkl9lXoAAEi-J-300x300.jpg
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 473c95a4f6d851fe41044c36bf20e6754efc307be545781fedc36957998ee83a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 04:01:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOxoy%2B37n5fVSXau%2FQSjYJQntBXA37EIIA%2BbeQXekVw%2F%2BInVSdx96X01v0E9vm4qbVdCmvLHKH5DJkczjccl3NdrnX8B%2B9S%2FzASfRIq6yLYJO7ntJbr7byii5WvEIZSU4UjEGu1kYXjqz32OiCJG0BwuzYpbL2CYl0Gp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82aa46616e764c20-MIA
alt-svc: h3=":443"; ma=86400
content-length: 27180
expires: Thu, 30 Nov 2023 14:59:14 GMT

GET
H3 200 3ca8689fcc7f5fafdd8ae7cdd4b1f963-300x300.jpg
buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/ 25 KB
25 KB 189ms
181ms Image
image/jpeg 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/3ca8689fcc7f5fafdd8ae7cdd4b1f963-300x300.jpg
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da41d2282aa367095bffff22b37c2ddca72d67ab2185ec0dd68f413c6a81c05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 04:01:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkkFdxD2EhoRb93FX%2FF8ieVaWDLuP0u8CjzNrPVINMAYXB3YajsWznPaJcsMFygJ8tZUjmg5QNJNtbmY31o7pM%2FsedfTu3EGVhliMoheoIVC%2B7CoAg4WvqEkiHrMbcHCMtWtPjDNg7vu2ZOMY73v2s2oztqshVt%2BK0YR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82aa46616e784c20-MIA
alt-svc: h3=":443"; ma=86400
content-length: 25360
expires: Thu, 30 Nov 2023 14:59:14 GMT

GET
H3 200 121009CLmat4-4bd4a-300x300.webp
buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/ 6 KB
7 KB 133ms
125ms Image
image/webp 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buscadordetesoros.znice.info/wp-content/uploads/sites/16/2023/11/121009CLmat4-4bd4a-300x300.webp
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 368efacd9e5bb12a61e6009384f5eca007fc8ae940c9cd2321a084ad929d8f4f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 04:01:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPVRImT1k%2Fm%2B%2B%2BbjcpFkvghBg4nWFL2PwTTcd%2Ftpicq43xWV4frtFC%2B2X1RYWLFHqLE9885dZfqfZJG%2FGpbWfOINQAq5qvZ7oL0YtXPsywrKRz642sHxNsPPZnktzQXT0ram%2BN4MVc9lbETC%2FOUmS92APoEFy5EmAVln"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82aa46616e794c20-MIA
alt-svc: h3=":443"; ma=86400
content-length: 6248
expires: Thu, 30 Nov 2023 14:59:14 GMT

GET 48.png
bpggmmljdiliancllaapiggllnkbjocb/logo/ 0
0

GET
H3 200 superfish.js Show response
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/ 7 KB
3 KB 43ms
34ms Script
application/javascript 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/superfish.js?ver=6.4.1
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 470019
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WobmsKks5N7Sb6E87TppzsLQau5bvHUqe4vPf8wZGXb7Mpm%2BAvMe70%2BsqnJKli5f3f8Fodd%2B%2BLMM1zN%2FiSMRF%2Bx8ZD1xCynoS7antSAIqhL%2BGFtYWmnnRvIg%2FgVTmU0xX2yWRE%2Be05GujZL4bn7bkcvrYj6cpdKgQDaI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 82aa46615e624c20-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 04:25:35 GMT

GET
H3 200 html5.js Show response
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/ 10 KB
4 KB 101ms
87ms Script
application/javascript 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/html5.js?ver=6.4.1
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 470019
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdpPeJs3gw6pTXRDik5N4b5d1KDrK8k1oVXyNNX1EkdwICmhqSFZ89Pk%2Ffgbs7YjeGrznO3q67%2BuLA691jYoq7mJsoR4WZ5OAlK3grzqbHoIf%2BN76jZHwt2lFhvsFLSxjSyRFkjNqp7WeXD1nj8q3kB5YV2rLLT9Mq3W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 82aa46616e694c20-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 04:25:35 GMT

GET
H3 200 jquery.bxslider.js Show response
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/ 66 KB
16 KB 97ms
88ms Script
application/javascript 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/jquery.bxslider.js?ver=6.4.1
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 470019
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Kv4zGWmyCa48hKqNbUe9E9yzRUIOpUH%2Fd1aBF5vo%2BS4XPrYYaP1Vc3uSYoYR0pDYV3qyh6HIMdeAqmdFt32ccwoFLOIRGWbn9DZVe5j39iHmiB6gbIMPRJICJbGrHnB6PjjLFBUfl3iKE8vA3T5tjwJgwEny1iEan0j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 82aa46616e6b4c20-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 04:25:35 GMT

GET
H3 200 jquery.tabslet.js Show response
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/ 6 KB
2 KB 43ms
33ms Script
application/javascript 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/jquery.tabslet.js?ver=20221205
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7fe9347c265a8ef227a2c0e3e0e6e62e75f14784355f556fa9ddb864c5753f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 470019
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5W4CRogOmxI1sDQLVQUg%2F%2BKUKanBpdJzD7cEIKl14GKOOa5l112vj6an9SRl%2F3ItFbhYAxv4b7pH34%2BN07bU4QGLElc7o18BjyZNQa98NvyYKaWfw374006LOQiRG1fSqNuoSQHESWiqCEll3TstyMNNarXZHqrIiBW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 82aa46616e6c4c20-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 04:25:35 GMT

GET
H3 200 index.js Show response
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/ 30 KB
8 KB 46ms
37ms Script
application/javascript 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/index.js?ver=20221205
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d3987a45a0fdca18652344761e0dce4f3616d51f7788ad3447c18a8eea5291

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 470019
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HigBsUCFamGTP7SDvbnA%2FzXEmA7H7BGrXZiEy20nFWKBm7GsUyq2fOwSgs4otfXcWl2pD4c1Lknd8sCui3w3icwU%2Fth621r4b8YIniqWYmegzIqjVkHnvCfdHO5vSyhnZ46S3Att%2BwTYLbsicauCCCCprEX93CH%2FwkVT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 82aa46616e6d4c20-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 04:25:35 GMT

GET
H3 200 jquery.custom.js Show response
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/ 3 KB
1 KB 44ms
35ms Script
application/javascript 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/js/jquery.custom.js?ver=20221205
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186de34a68b1eca12ae851c34b42c2fa9914a82b51915f53ee5c0ab21bdd4cde

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 470019
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnGTWYqGsXbXI2xLAD3Rp4DXUzfAbSJuxNi56XgDoHyrFd8wXvzzX4rlWxWJz2OA9FaghGphq7WgYMdkVvhh8Flwj6ITllmCIk5QqA1fCGBD0rCNPKij%2Ffw0KW%2FcD7VU76P2SdYatMp2W5nfZ16HtKWFdfiwFeSMP7Rh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 82aa46616e6e4c20-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 04:25:35 GMT

GET
BLOB 200
OK 717a27c5-4f46-4b58-8b7e-0a796db67790
https://buscadordetesoros.znice.info/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://buscadordetesoros.znice.info/717a27c5-4f46-4b58-8b7e-0a796db67790
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 genericons.css
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/genericons/genericons/ 28 KB
16 KB 39ms
35ms Stylesheet
text/css 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/genericons/genericons/genericons.css
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/genericons/genericons.css?ver=6.4.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/genericons/genericons.css?ver=6.4.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 196417
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xAoaoI5dniZRG8lDSndO1QvAztzqMARy2gquDQoP1uwdOqXbzqOkbAPl5jnSzZBfQq01dnR9dUh83gnoSjJ%2BAPUpKGS9czDdzr%2BAG7U8%2F0NYYcArsle1aezGfrNvwUAORedhVqVCqf6%2FK6rzoYpsVCnApcXtV6yZ6cI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82aa46606fb4b3c1-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 08:25:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 183ms
64ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:34:30 GMT
x-content-type-options: nosniff
age: 253484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 16:34:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 224ms
106ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 18:38:51 GMT
x-content-type-options: nosniff
age: 246023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 18:38:51 GMT

GET
H3 200 genericons-regular-webfont.woff
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/genericons/font/ 17 KB
17 KB 107ms
105ms Font
font/woff 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/genericons/font/genericons-regular-webfont.woff
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/style.css?ver=20221205
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9

Request headers

Referer: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/style.css?ver=20221205
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 448756
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfIlz0JYCkeDU6yB%2BJNKKjmOD62ugiJfTauOaTvME%2BTFRlPG%2F%2BQAtzgAuXlj5M%2FnX7TH9mx5anCzS1Sk5djlEe0xisWvsH%2FK69REAMtO0SgOV%2BLTNVREPbcdWLWli5RGkC8VyJiVi5SRUkunPMZQ9TP3hP5rmXMIB5Sg"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 82aa46616e7a4c20-MIA
alt-svc: h3=":443"; ma=86400
content-length: 17224
expires: Sat, 25 Nov 2023 10:19:58 GMT

GET
H3 200 fontawesome-webfont.woff2
buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/fonts/ 75 KB
76 KB 108ms
106ms Font
font/woff2 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/css/font-awesome.css?ver=6.4.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://buscadordetesoros.znice.info/wp-content/themes/blogsite-pro/assets/css/font-awesome.css?ver=6.4.1
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 470019
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBezHpVrKDnEsd063gFRooaEyls11blK%2Fedsf7%2B1np%2FvJp%2F8vMn8G6FVs%2FEISSGG%2FDNXZ6mvmmHRKVCPNubS7tcTV2KRlBY4NsRpejh4qj%2BRvae7LAJG%2F2cvY6vf%2FPYfSMeDobW8KrfhKlTo%2FRGN2y9XXYOBmqxPltL2"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 82aa46616e7c4c20-MIA
alt-svc: h3=":443"; ma=86400
content-length: 77160
expires: Sat, 25 Nov 2023 04:25:35 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 234ms
126ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:57:08 GMT
x-content-type-options: nosniff
age: 43326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 02:57:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 230ms
123ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:49:36 GMT
x-content-type-options: nosniff
age: 176978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:49:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 159ms
51ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 10:39:08 GMT
x-content-type-options: nosniff
age: 102006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 10:39:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 7 KB
7 KB 260ms
155ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9cc76fd52238330f0aabac35acd2cac0f04b7890862e61e013ebbb8513fb5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:25:23 GMT
x-content-type-options: nosniff
age: 156831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6936
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 19:25:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 291ms
187ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 04:21:42 GMT
x-content-type-options: nosniff
age: 297452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 04:21:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 7 KB
7 KB 263ms
160ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf51ab540602b2d0b87646621637bac38889bb34effb8a432ae739aca78b5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:24:39 GMT
x-content-type-options: nosniff
age: 156875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7112
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 19:24:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 281ms
182ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 10:38:56 GMT
x-content-type-options: nosniff
age: 102018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 10:38:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu72xKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 266ms
167ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7ef2cd1159a8cbfd271ff2abe07f237a46f6fa056eefd2e9018661f93eea137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:57:17 GMT
x-content-type-options: nosniff
age: 43317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 02:57:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 14 KB
14 KB 209ms
139ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c505383d37d2078648e37868bbd1fadf64a1c92dad2e03fff532ffa84e7635b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:50:10 GMT
x-content-type-options: nosniff
age: 176944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:50:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 244ms
178ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buscadordetesoros.znice.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 04:21:42 GMT
x-content-type-options: nosniff
age: 297452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5548
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 04:21:42 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 244ms
142ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7330067866221924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f68742ffe98e67ea40137b6ff6cc891fcdab289ae195500b8a1226f67588104c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137240
x-xss-protection: 0
server: cafe
etag: 12466321394028075167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 14:59:15 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 996B 9 KB
4 KB 162ms
52ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7330067866221924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buscadordetesoros.znice.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:32:50 GMT
etag: 16674218716276178799
expires: Thu, 07 Dec 2023 14:32:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 wp-emoji-release.min.js Show response
buscadordetesoros.znice.info/wp-includes/js/ 18 KB
5 KB 44ms
43ms Script
application/javascript 2606:4700:3033::ac43:d4c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buscadordetesoros.znice.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d4c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 21:48:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 448763
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRDh8cQcOgpsfzd42AyLwm7l3CSzJMNGLwFeGvhAvc5rO8qgXeHJXDjxJbCUmU1H%2Fcx9iR4oZFzuOW3uLRc6fP3t6Dyb3Z38HQDLZ%2BJ3VASRDIjtnQORsd%2FyLitgMgHyvO%2FSPocbgqdg2mpXUg%2BtDYRF95cGHN0i%2Fl%2FX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 82aa46624fcf4c20-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 25 Nov 2023 10:19:51 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
263 B 176ms
62ms Ping
text/plain 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WLR3XWFG0N&gtm=45Pe3b81v9149691474&_p=1700751554755&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1692980031.1700751555&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1700751555&sct=1&seg=0&dl=https%3A%2F%2Fbuscadordetesoros.znice.info%2F&dt=buscadordetesoros%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=994
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NFBT8HZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buscadordetesoros.znice.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC66 577 KB
142 KB 692ms
690ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7330067866221924&output=html&adk=1812271804&adf=3025194257&lmt=1700741108&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fbuscadordetesoros.znice.info%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700751554866&bpp=4&bdt=301&idt=382&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=698192591006&frm=20&pv=2&ga_vid=1692980031.1700751555&ga_sid=1700751555&ga_hid=1841735109&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079518%2C31079605%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809053&oid=2&pvsid=221451752236677&tmod=1707700883&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=432

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef48f682c80f261d3766d302b8c1278df2c1d1098394be44f223297377bfe352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buscadordetesoros.znice.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 145011
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:59:15 GMT
expires: Thu, 23 Nov 2023 14:59:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 80ms
79ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js?bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38b3d1228cd383f879799a6314de8017465a3e6dfc89d022258c5778e1c25097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55841
x-xss-protection: 0
server: cafe
etag: 13379928657498888151
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 14:59:16 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 4121 9 KB
4 KB 57ms
53ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buscadordetesoros.znice.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 23:39:41 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 23:39:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 861B 9 KB
4 KB 59ms
55ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buscadordetesoros.znice.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 23:39:41 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 23:39:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 6FCD 9 KB
4 KB 75ms
51ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buscadordetesoros.znice.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 23:39:41 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 23:39:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame C456 9 KB
4 KB 68ms
53ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buscadordetesoros.znice.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 55175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 23:39:41 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 23:39:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4121 4 KB
769 B 65ms
64ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 13:12:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 14:59:16 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4121 205 B
295 B 240ms
62ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:48:48 GMT
x-content-type-options: nosniff
age: 628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Nov 2024 14:48:48 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4121 604 B
1 KB 237ms
60ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:34:36 GMT
x-content-type-options: nosniff
age: 1480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Nov 2024 14:34:36 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 4121 15 KB
7 KB 231ms
54ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:19:12 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 4121 21 KB
9 KB 282ms
106ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:27:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:27:38 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9F4B 624 B
246 B 98ms
93ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNVL-GiaxmeBxM-m6VUaIfMN5rsFD2mtWvypqBiMo-0XAhKD7P51lXGD9C-53MvYQmUftxMHWzJhjvhpVR7m7f48YuoPEA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:59:16 GMT
expires: Thu, 23 Nov 2023 14:59:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 861B 111 KB
39 KB 265ms
133ms Script
text/javascript 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 04:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 04:26:23 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 861B 7 KB
3 KB 86ms
77ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:48:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 02:48:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 861B 23 KB
9 KB 80ms
74ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:01:53 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 861B 41 KB
14 KB 250ms
148ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 09:45:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 861B 3 KB
1 KB 224ms
123ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 05:49:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 861B 20 KB
8 KB 159ms
59ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:03:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 861B 42 B
63 B 94ms
90ms Image
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C19qcki7LckR5His1MJTnYaL7AFfkHJeJlqe8-6AvWH8dKBCOJonWQSur4fx-Z3qmkzRQ-ZnLlpFK3m7kTvErZi1DSNoE3R51cQdzTKjsHWbEOSa8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 861B 202 KB
64 KB 175ms
53ms Script
text/javascript 2607:f8b0:4004:c17::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 14:59:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C979 624 B
246 B 126ms
104ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNV5nFJETW2TH-ev0Uqb2YLlehqnTogp6j7_NYTJIxY2ZVK-LXHvN0ufBCySbUMgTJbf-G_Un5OblR_3ETIeOOO7kWj7Mw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:59:16 GMT
expires: Thu, 23 Nov 2023 14:59:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6FCD 111 KB
39 KB 125ms
56ms Script
text/javascript 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 04:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 04:26:23 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 6FCD 7 KB
3 KB 85ms
62ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:48:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 02:48:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 6FCD 23 KB
9 KB 77ms
51ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:01:53 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6FCD 41 KB
14 KB 187ms
150ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 09:45:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6FCD 3 KB
1 KB 93ms
58ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 05:49:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6FCD 20 KB
8 KB 101ms
65ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:03:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FCD 42 B
63 B 114ms
91ms Image
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9LfRVoJV397G4c92SgWOpyjxbGrJHRF46TeBRGjbz22FcZAVwHZ3uv_seiNUZ3ZSZNpAd8j6sMUIcJoEqsK9SD0b1F-SHStYz-HqQxhRCII7eVHk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FCD 202 KB
64 KB 262ms
205ms Script
text/javascript 2607:f8b0:4004:c17::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 14:59:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BCF2 624 B
242 B 72ms
70ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Yw63w5QEwAQ&v=APEucNXOpeUDXpi-yG98s5-0uErq1exYise5rf8FIUAFNTXFx-QNSwGwrjavMzzNXmJFKWnDr2vA9nH5U0Ow2Fo_OPAFkFIRMQ

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:59:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C533 111 KB
39 KB 198ms
198ms Script
text/javascript 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 04:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 04:26:23 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame C533 7 KB
3 KB 52ms
51ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:48:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 02:48:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C533 23 KB
9 KB 168ms
156ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:01:53 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C533 41 KB
14 KB 102ms
88ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 09:45:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C533 3 KB
1 KB 102ms
90ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 05:49:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C533 20 KB
8 KB 81ms
69ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:03:14 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C533 202 KB
64 KB 189ms
178ms Script
text/javascript 2607:f8b0:4004:c17::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 14:59:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C533 42 B
63 B 166ms
158ms Image
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9y2eWDta7V8rauWEKEfxGG4SUf_u97YaXkuvsnJIDY1KegaM_KCMclapLMUZUyXrMDH1nBybHTgeBtMfIpFnPwVqcR-BA28T3B8Be7lYSvclaVYs

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9F4B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1

43 B
735 B

84ms
80ms

Image
image/gif

104.18.36.155

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNVL-GiaxmeBxM-m6VUaIfMN5rsFD2mtWvypqBiMo-0XAhKD7P51lXGD9C-53MvYQmUftxMHWzJhjvhpVR7m7f48YuoPEA
Protocol: H3
Server: 104.18.36.155 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OS0OWmwbeWgm2lYGVSbfR4JHs8aDx7Tq5cqN1QAcXRvlVRfiwM2RD3cgHFMv5tACI2LUtvzS6bFRFXB%2B6sZLaXorEH2I%2FcLwpmMbWKQ%2BmbjJcY79iFcWNeBpGDgYC%2F8zs6DjP55ovUZM5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82aa46706e72db19-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9F4B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV9oxavHUV2C9jF-UI91MgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1

43 B
739 B

88ms
85ms

Image
image/gif

104.18.36.155

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNVL-GiaxmeBxM-m6VUaIfMN5rsFD2mtWvypqBiMo-0XAhKD7P51lXGD9C-53MvYQmUftxMHWzJhjvhpVR7m7f48YuoPEA
Protocol: H3
Server: 104.18.36.155 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlsCjZRE%2BuZTZynRR8syYVcMVp4qreQ54ZOkrM0AkUn6gsiwxApEeBsgYdutmoYKpkbXVEAwjGBQB%2BmXxkVuFY6%2Fyhlsxpy8EP4oIaFCrV%2B%2FCklYlAthK6AS57uADwx7lZyyjae075Tk%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82aa46710f70db19-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 9F4B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOu2-xBLi2OdUgpMB-EtxwU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1

43 B
898 B

83ms
68ms

Image
image/gif

68.67.160.75

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNVL-GiaxmeBxM-m6VUaIfMN5rsFD2mtWvypqBiMo-0XAhKD7P51lXGD9C-53MvYQmUftxMHWzJhjvhpVR7m7f48YuoPEA

Protocol

Server

68.67.160.75 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
an-x-request-uuid: cdd416bf-834e-4cb1-af95-5a4ee4508f0c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.76; 38.132.118.76; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
an-x-request-uuid: 13334be5-0605-4fc5-91e0-1484d312ff83
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.76; 38.132.118.76; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9F4B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEwNTc3OTc0MjY0NzcxODI4Mg%3D%3D

170 B
188 B

67ms
67ms

Image
image/png

172.253.115.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEwNTc3OTc0MjY0NzcxODI4Mg%3D%3D

Requested by

Protocol

Server

172.253.115.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
an-x-request-uuid: 37677695-83d6-4e94-8a98-44c42b6a2399
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEwNTc3OTc0MjY0NzcxODI4Mg%3D%3D
x-proxy-origin: 38.132.118.76; 38.132.118.76; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C979
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1

43 B
739 B

78ms
77ms

Image
image/gif

104.18.36.155

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNV5nFJETW2TH-ev0Uqb2YLlehqnTogp6j7_NYTJIxY2ZVK-LXHvN0ufBCySbUMgTJbf-G_Un5OblR_3ETIeOOO7kWj7Mw
Protocol: H3
Server: 104.18.36.155 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRJA82IEJOy%2F5flvI8hs5YRPZZQBB3DyJJ8ZXgnDDP0ZSAui0VjAQlz0RuFaGHnxsJ7fgJlCVRRgr3i8iwGEXhRNfA%2BhftOAPrkQ1Iii9vxD%2FXup9AQPB1nnlvWvPvuvNyq%2FDBXXybT%2FdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82aa46706e67db19-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C979
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV9oxavHUV2C9jF-UI91MgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1

43 B
739 B

90ms
81ms

Image
image/gif

104.18.36.155

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNV5nFJETW2TH-ev0Uqb2YLlehqnTogp6j7_NYTJIxY2ZVK-LXHvN0ufBCySbUMgTJbf-G_Un5OblR_3ETIeOOO7kWj7Mw
Protocol: H3
Server: 104.18.36.155 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLkn%2BiXOx%2FjoL%2FKuo%2FHT74A1rE9CmRvITD4cg9g4h4BfuxNNxhc5fCfDSnwrEpuvBU1GJ56Yx5AZDQgU4GMFxFg4R%2FILhEngHcXZpS3ABjwsTduZpIK%2Fj6lF0iTt14XkvYjDuWISsdSCUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82aa46711f86db19-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame C979
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOu2-xBLi2OdUgpMB-EtxwU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1

43 B
898 B

90ms
76ms

Image
image/gif

68.67.160.75

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNV5nFJETW2TH-ev0Uqb2YLlehqnTogp6j7_NYTJIxY2ZVK-LXHvN0ufBCySbUMgTJbf-G_Un5OblR_3ETIeOOO7kWj7Mw

Protocol

Server

68.67.160.75 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
an-x-request-uuid: 3c0826d7-df10-4e53-8f28-4a47d5c28130
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.76; 38.132.118.76; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
an-x-request-uuid: dde20098-7813-4ac2-94e9-0e2bb5ee225c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.76; 38.132.118.76; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C979
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEwNTc3OTc0MjY0NzcxODI4Mg%3D%3D

170 B
188 B

74ms
65ms

Image
image/png

172.253.115.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEwNTc3OTc0MjY0NzcxODI4Mg%3D%3D

Requested by

Protocol

Server

172.253.115.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
an-x-request-uuid: 3eaef913-4eaa-4687-ab63-41afa058d09a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEwNTc3OTc0MjY0NzcxODI4Mg%3D%3D
x-proxy-origin: 38.132.118.76; 38.132.118.76; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BCF2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1

43 B
775 B

76ms
76ms

Image
image/gif

104.18.36.155

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Yw63w5QEwAQ&v=APEucNXOpeUDXpi-yG98s5-0uErq1exYise5rf8FIUAFNTXFx-QNSwGwrjavMzzNXmJFKWnDr2vA9nH5U0Ow2Fo_OPAFkFIRMQ
Protocol: H3
Server: 104.18.36.155 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2Fv2abAyMMixO43IWAV%2BaZebiLrwu2lrLE6K%2FVINGbxpk%2FUwx7Gnayuaet%2F1bJe9B7g8XvHQOCWUPnWCbJ0X0b5nJ916VWjrxXauAcrNxnyVXVbkPFRokgFKw%2BMXEXD4GTDf4l7CeaAPRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82aa46706e66db19-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BCF2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV9oxXcKuAay8ExqCt.R1wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1&google_hm=2

43 B
735 B

75ms
74ms

Image
image/gif

104.18.36.155

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Yw63w5QEwAQ&v=APEucNXOpeUDXpi-yG98s5-0uErq1exYise5rf8FIUAFNTXFx-QNSwGwrjavMzzNXmJFKWnDr2vA9nH5U0Ow2Fo_OPAFkFIRMQ
Protocol: H3
Server: 104.18.36.155 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqKHHQMBV8SsS2SsqL7WehhfZa5UNhrbgIpPO5qDUdtO%2BcjujXuR1jxVBnTlCaguOLVhtfV9fx0TpAtg2foCRdU%2FaSBVmJficVTaQ4LNbqWL8yw%2BEB2kERFlbdbeo4Wn3AGONd34lpYMJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82aa46711f92db19-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWbuYQaTjax3ALsksEn72w&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame BCF2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOu2-xBLi2OdUgpMB-EtxwU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1

43 B
898 B

83ms
70ms

Image
image/gif

68.67.160.75

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP_1exD12n0Yw63w5QEwAQ&v=APEucNXOpeUDXpi-yG98s5-0uErq1exYise5rf8FIUAFNTXFx-QNSwGwrjavMzzNXmJFKWnDr2vA9nH5U0Ow2Fo_OPAFkFIRMQ

Protocol

Server

68.67.160.75 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
an-x-request-uuid: df757947-c6e9-44a3-82ad-6bd328e84bd1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.76; 38.132.118.76; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
an-x-request-uuid: a409a36b-f612-4a1c-9165-5ad866570538
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOu2-xBLi2OdUgpMB-EtxwU%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.76; 38.132.118.76; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCF2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwMjU1MzY0Mjg0NDk4MTc4MQ%3D%3D

170 B
188 B

68ms
67ms

Image
image/png

172.253.115.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwMjU1MzY0Mjg0NDk4MTc4MQ%3D%3D

Requested by

Protocol

Server

172.253.115.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:17 GMT
an-x-request-uuid: 2f619137-352a-4b84-9d68-670b4ee5ce27
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwMjU1MzY0Mjg0NDk4MTc4MQ%3D%3D
x-proxy-origin: 38.132.118.76; 38.132.118.76; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 82F3 14 KB
1 KB 70ms
66ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 14:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 13:02:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 14:59:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 82F3 2 KB
822 B 58ms
51ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 07:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:22:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 82F3 23 KB
9 KB 72ms
65ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:14:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D6DC 143 B
166 B 85ms
55ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:52:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 82F3 3 KB
1 KB 60ms
53ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 05:49:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 82F3 20 KB
8 KB 60ms
54ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:03:14 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82F3 202 KB
64 KB 93ms
58ms Script
text/javascript 2607:f8b0:4004:c17::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 14:59:17 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 82F3 37 KB
15 KB 87ms
54ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 03:01:53 GMT

GET
DATA 200
OK truncated
/ Frame C533 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3af8b16e1775765e78349d6dca53dc7b4912d053f357a376424bbae8ea8cc294

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8673 38 KB
13 KB 69ms
64ms Document
text/html 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 105833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 09:35:24 GMT
expires: Thu, 21 Nov 2024 09:35:24 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 n_one_vway_bahia-principe-es_np.js Show response
bucket.cdnwebcloud.com/ Frame 6FCD 1 KB
975 B 227ms
54ms Script
application/javascript 18.238.4.98

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3778963583
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 6555
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: jYSoW0svoJEgzLmVzK3n1mrftTsFmqcldmFWdhZTk8P8mg-8UYE-Ew==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10368321566219671176/ Frame D2C8 109 KB
28 KB 185ms
61ms Document
text/html 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0f338f4e3869fbfddb17989baef2bf26ac8466d2a740e25c58f389de55508b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 28654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 28484
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 07:01:43 GMT
expires: Fri, 22 Nov 2024 07:01:43 GMT
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6FCD 0
0 248ms
87ms Fetch
image/gif 172.253.115.148

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvHi9t2obggOz4qx-dKfCnqJ9fSe_kJyUpT3sgiRSa_CM7F1n0L_kmaXnROYZ2jAgDWwWJjMRFkAXq-oVH1QFmWnnhdBMRj6QaqVwZGgTZpp4HEx7ajNRGJeD68LkMQCfuBjhttnX_ytcduZqIfO_cAdJA0XxDEN5M06Q2bxbTaCHQPe7tV6MtjV1s6XX7J7Y2pLGCTI4WzJ8tVI4Ptv4EsbSxi5NGf4Np9IzgMmcU2gDrS9Z32DTUdiwz3o4mLxMIlS0yO71h7tKLCvteWOaFmY4x2OEfO5h1xcrvLghdsbilMRE0AOWSVd67oe-100f6Q_DjEO2wuYEkQpWewNu9w3tLH-nLHddwU_x8UoGYayaIZnQ_zG08_jFSNVnxghER25sVm72sfJOcsPlK0_UssHRBS43mFG1Fuzwidc6Ir_jf2JKrf_yTqNT3GxQHDrONhoQxh_UI4rvDQ88hImAUtn_8GXazwsdGI2btM06w_EgfTuZ5kRSHjzFwxe3noERdOXcJVmMs2TjCKPIemBUf_2BOuHwcH0c_-1w8DsKakST6yqI597Qd5mlC82kDnvyjLZBebkBzb-Sb8ckaECe4gGFPBkPceBLH2uzVv6xocxPar507LxQEInnDP74epq3dZTerBQvekm-U_oMjSmqn3RtZ7Bv9f_6sPe_TLKT74ZBb_laBx377SnGA4WCfYQ3Zbu69gInzGZBw-7bT5nNKDOQWyJLo-PzAw4IdxlF3HMZNf1eXHVgFVQLagNHVrZcyb3ezvz6ZFx5udHaACpzuy_loqcHCbu1wS3Owdo8cxIvI_BvcS54IofEQwQvwrCaFI5TqTp9suDHvocnoyJTfSE9qO7afs5Whtj_zrj53u3fhNv5yuJ1M0upFYkAcxUa7OIyg0gGGbWLqNKcFpZhYTJQKDIl9a4czO5ukk1fiES9eRCg65Dppb23R3wjdf0uRtrUkQMbmkNF6F17ndfdTuMrRo7NHIXralgPN89i5l7ePMuavCjmOFXBweC_pcgHqq0jj2U1qcCYzzq3U_IuH9lGP1ZmeaneXPQ6QLwOi7AAgq02IjpFwimtcWm8fKTtABAigzmHymuQIsYKVyxlrnR0Dl8jDwAf97phkh76NdXgcuXkzSfF-I-55QtjYuQTA-ilq3DJgTMo4YXnzZQZ-W2oaYmS7vGK1--Bd1_5MvReBw3ubtX_l75jvxCOEiwyzprcjutH-4rnVzpA63OTjgw0FKlFPysETEznSXgvh_nzFdI-t0vEHD4kdQVpngzFJRCLPhY0wL_ymAo_B5iN5c1bKJIpy0TRV0xT7hmj6Z9MM9nUIfvwMhg01d5x10LiBv-VjEfy9CdtOUDzq81JPbgAmG0h9dtf4E1-JPAUNgghG7rN5zJ4JXt-iQdcff0LIgPsTz1QbUt8tisMv9FGPKrkXCNqDdSm9xFg&sai=AMfl-YSx-JKm5BwaStMXQ9QLXF_iZrQ7ADiOApdr3XyOrByoGIAEg3Ekjxvn8WlWg6VKIpV_HXCdfCUDc5ar05fWNxcIDWlR6wn-e09NgWfYAJKL2p3nYZHjU-b0MgYtGkEHtwaM-E_jXmBYgTXL7AXH5QvQlG0IUK6mwyE1dHKVQjTNveIa7UQLHzRmt8WSevjuKNbXpflG-2iGYtWhDwx4ofxupuOkb14J1p41jEYK_HGzBBdN_paT5cbfbaqdJZPKJFS807IDf5cYU6JH7JjhRK6PPupgk1wzrzsNkGVcNF9y4rMEi6HBzAvCUbh8HO9Al-TTb8_sXL8gcBMbeGhIbS2w5aavkzzgF-nVYaVUMb_9kfU7cIbDUDi0mu5OH3AGOSIvnLM19gdrVfVttBlv4tbQR572u9yg7jI_bmcr6JE43KtQlBgr5A3Rn1beHvnP0JwtV402ZZ83Tvhy_zFX_Et-G8NGLdoqn_lcVii5WRdUggckglPrXFCCLzIepgP5z5CEm5dAQF5ZLQ&sig=Cg0ArKJSzHaddwyFnqpXEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=517&cbvp=1&cstd=505&cisv=r20231109.06213&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.148 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 14:59:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame 6FCD 1 KB
1 KB 216ms
57ms Image
application/javascript 18.238.4.98

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3778963583
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 6555
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: aHXzo3AtVr_FJcD_IECAhR1xNyTel2HtlmDPZgVksvueIypRduX50Q==

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 397F 38 KB
13 KB 60ms
55ms Document
text/html 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 105833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 09:35:24 GMT
expires: Thu, 21 Nov 2024 09:35:24 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 n_one_vway_bahia-principe-es_np.js Show response
bucket.cdnwebcloud.com/ Frame 861B 1 KB
975 B 202ms
58ms Script
application/javascript 18.238.4.98

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3021171499
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 6555
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: qzt6xx8OlEd1RPG4XNRJ0QLD00ZzG_x4U-iLgVOnCgMiX665KbJvJQ==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10368321566219671176/ Frame 0391 109 KB
28 KB 139ms
52ms Document
text/html 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0f338f4e3869fbfddb17989baef2bf26ac8466d2a740e25c58f389de55508b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 28654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 28484
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 07:01:43 GMT
expires: Fri, 22 Nov 2024 07:01:43 GMT
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 861B 0
0 217ms
82ms Fetch
image/gif 172.253.115.148

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuIZlTLsNhq0ZK5DFUcHiO_Fsd5yEXJLggRdprAV_aCKRuNRWxU76eQD4OERiaePsYC5nHrpK0yFqj2KdGHT_Q-7548oNV2ZZBQob0bq-LTNo6NSWC7iwiphDmT31M_zUkuCRRWVRHk-TqOSsfM91S6qJBgsZg9GaXbsxPPolxPJ7StHOLkCc5sOgVUnUWUrqN-uy1JYjAsr5Bg9crvFne73azznjJ5kjhS38WKDQnLcZtiA0cgJXtKsiVR1dskfRvW3brdjOQ5NbU0XBRQsU-4-tp6D9ThxCdp9IxrNQz2QGjturFtT3pqt86tG122W-szCyBZBpgxDfMqloEqRHy8mfOS9XmRKmFjZCtIz9vKRo66nYAAPl_UJKhOE7ECabiQvxDWytmPqXm80TFp5XwYYVDz0d3CzbDvukzaccgB6ss-pwPbcCiqfVyLxgXtYpbzsLJvaSvCy_DRn8sd-BNQrQNWsL7IbZJmbz0EUL47T6K5ZbSnp5124SsXtJtOJC6tEXv5L_lXFhf-8u32jqI-h4TaO8rBuhc-sYBgAuJwQyuZyijO4C1oeUh5RXmJBg6H1xglDFxfT-Twh9BPMhLZnSTHg4duoSwAXk73hnUOm3n3ZENYdqhBFTiwT4jWEBqn3N-OWuFEb6OT7f_arGxurVVL4wHaAyEzewkNDKSzQn9rqSo-Lwgk2ikQ2XpdwRiaFfuEA0ucnZggXTuYFz2wYeDYjHUROzKdoKKzjfnvhkZ0Q1qdGBetzrPVzS1r7zW3Dy3SJkO5ZSM6oSKnReLyXiEoDM0f48Y9_FH94X92K6vbXyfOkIRm8pvyQalI13hCPgAx2cDmMKqeICl-50DYY5yzadkEM13p9Gb3uqGm5fPUnk3eEFxC9w2Yyub-tCk5OEVktRvTjVVGkCbYObujjNdA6_5hDKe9GqIpB1RSlbKZ-1Id42T-1zKlxZyQwnR1eIy-CTcdS-8ywqxcScOKA1pTAuHpxwyyPYDhs9g2JaKADuWHhef2a7m_kvwDGc2Yl5ohWp57kREgl2zimhCbaIAGwz_owy1tfMNUjV9n5mz30VQ61qjPY8lGDF21g0i3sgdDLwdydwLkdxN3MoIEELZZZSwtrYm2khZTAV9d3HIi0D3ynIaTKi5-L5NOFhTI1p_ZVZ4B7lB9V5yUPsLmtJ2qGOCcPbMWLsrk9bCo4gnyH6uwLOxQW9nHaictSO2KDEunCdsP0V2bjl2ARyjuIU8i-BQ3rKZDa7mJxE4b_VJXsmIkMWbutOp9pZZWi9SjIf16Pl_nUAmUNv71xDdUk6kt3Q2Zw5PA90_KeHu5sP4VMgnMqdQXDt44zG_nF2d53k22nqXvGAkNgg4dduzskyjdakqpfMiz5Lo3qHsI9fODFLkIi7WSpYdVS2tK2SRSkbYsZl_XT7mHqrSRgT2Oa37Ch9MtTeLFkw&sai=AMfl-YRT2-L0AUe4zGZuwfxUFgAoLPtjmLLZQpklvcGhH4lXbb9LJvX8ElhFaxQA_NDl6TJqFddq3r2o1PxL9QcC79hJkp8jDhdQ6L2QGjUDaJLcHgZsW32VWj3pknZA55Hnu9D_ejYmnb-4lvpx6kHhMhCxm5glUPCaZet8Ad0tNfm9AQ1J0PQDJJn8I9IkZ06Gb4t0MC-aLMKmCW9N_4LqASMeqdR1-Vig5gajHI8nJM0AG6XeihCKn67YNwpwejZV5_jsafKs8poJApqeghpjYKe0EeMlmeDiQ1uwfEQMRBb-Tchwg5IwZOzxcLQUJjma7W9j9YnqHZAuw72honwoF4dJFtLAXjDp4zQU9isCWSUrxcXuS0SzOpyIn7KYQBtKt6GRJ3ZZ8MuiYZi4M0hKerSsn_vuQGt2IXON5e3IwoHTn-9w0BpqvkXs-cls-gWjeIzrCwpGJYtlOlGl5IkkCshKF1B-OxDzvTwvDwUtEww92NseAEPPzspTOt7OjVHGtpAVcsk3pGCCoQ&sig=Cg0ArKJSzKrI-AH_bdXJEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=609&cbvp=1&cstd=605&cisv=r20231109.75554&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.148 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 14:59:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame 861B 1 KB
1 KB 193ms
59ms Image
application/javascript 18.238.4.98

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3021171499
Requested by: Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 6555
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: bYUcKlcR4AG3T41FuPnJDPIyjSbKG2GhTLqLDuUIytm6BOpO3oBYKw==

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A49A 38 KB
13 KB 71ms
57ms Document
text/html 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 105833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 09:35:24 GMT
expires: Thu, 21 Nov 2024 09:35:24 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/ Frame 8AD6 75 KB
20 KB 65ms
56ms Document
text/html 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e0b050f669b9fff6dc0f4b37c032610dd4d076a292a4bf347a1b2863606b031e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 38636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20217
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 04:15:21 GMT
expires: Fri, 22 Nov 2024 04:15:21 GMT
last-modified: Wed, 05 Apr 2023 14:34:35 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame C533 0
0 94ms
90ms Fetch
image/gif 172.253.115.148

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstYZaFNsrm3my6sD-iCDCaToUe9CwZWHWFqNxSccg70yUOItQ9Xmtwwhf2O2Yg2UArWNpd-xbpR61R0vIXkoLE0yzwDlMfwp3MTGW1wZtCFI7CO3otImw2SQrwN1C29fn3eaiXW1R4Og9ldVMUITubIsRI0R6SVnkMHx6cOEnmXPcbPMIxu_vrwBvUREhNMWpJ61VvCA2Letve_vW9maReLZuoYddla4MdJnqmenT09Kp8tiL9Z4hnCUdC-ylllN80Kmfs4z5vr4_HS_gTaS9su9YWxHd_Gax-SXtoTWk7nftJ3MNoxs3g0Z6aGkWobcXLBtywfMwHKNb99nD_Cf0wIKLM_YrR7Gsf1LDdCcInj7rKPIVX8j0pzAvCux3EA8kwquzXgMeL88QPjYbtQj-1eH5klvOdEM8a_GQJe0HlxMsxEpbM4qayxY9iGHhIClMAsFv-COu9AhOY6B-C_EABEy4ERnBVuFIprOq-VmQca66RYcbOYwNx1nm0jpNp941F3-5Yer857M83D62yxdMlycnm6ejgNJpoCtca5IbJaI1qiaM6IFyZq_gRSTqz-g6rkT3gMKeeUCknBzvxVq7BZdYnPQIyOZ5KHp-W0-LmZoxFB4u9XUPXv5lyn7rlyEi3dAESm8a9LwrBWdCYbNLaLgz5FB7ZIqC0blMGWv2BcDmiy2qvrQ4D1s5t1cEhZH3RjYZXCErqg9PfdbTAKr4mxE8i7cqVEjKPs2wosNLsRQQcbLbdoSyqaMs6MJlzzX_ogSgy8rtF4hSP2HDtkKM9UeFrKBd-Hg2h3g_W_1qXWcpiDvAecEJLS_TvuR9cW3VqrGiuKy0lE7-60PZefNFgEyPOzZBl_xbq6fA4tvkMJdawH--dUWF-Bk175BwqZzcRospczVQEjgtiQpnpBOEfZhLoFyCzp51Mr67MW_o2g5N6BKRIHLZckDzSd6xhi2cOBBOqhW3Gjr9YZE2NetaVTNA8um2SNxgCIN5BijJ1J8Iyga-SdaFisSjhpr0iAtjQH21j1K0ybWL1P4VgUP9KnRJoG3y4_GzG284X1TToDXe-K60DsRnswYgv7-NaXRK4brnKWK_YPH-SeZRpsyn7m_7wL8bt-6ebqFJp8ZE4-BL76pwD8txod82tzGCHEMu3D6ykKXW5x4J3QGofdDRIypz5ruWLganArHYgDMT0lqinDII2xuJgdfzNflbC3hC_Ktt1UEtpMg95FPJFLC13m-gPOOWjSOQYvipF4MEkYguX2OfpRS9ue_4-pHA2uMdENt6k_hADZAPMOHGHkTnNL2hrR8-qh47kSjSmwvbwP3g_sz_V130GHsJpz1WKnubbjQ0u-cS8RPEHowyGq0XCRjLox72g_cTctXanmGIHVhv7nv9OUC8KHDb-YrarHBUWv5w&sai=AMfl-YRYVkYGad-vp7poK6efQdBXXMFnRxEf0bmX2Y01FJYCAvkY9CqVAY-UCFpK4ASOdA1NE2M0hQOwKuP3jWcoyi91FY5VXqhcnFoawNB0655eICtQudFU2LD-IYoFz0v5Zk9Rb0fzKV7aRbW2QjTMW1Cw24yeTTvvwIffSn203K-hVtda3NcbXgVV8rlTgVGCaR4lC3aDppHAlg5FUhl7TbTOg8DVDLWr6VFsgARoAF7vSe9pBfeyxEpz5R8kvVHZ7ph9X_B830EJYUBHfnVYGDAc53vpde_-uVxW08YXm2_cnS0KEsozerUDEyfYK6Z4o_7FRTe1Jyc-uNN4VXSaRLjamn_f6bZExFF_aXutOxwEUeOioveFe8TEO--98nqunsqZ2uWIGdc8WXv2ikDHwbhG8E_pWRyTb6NfgVJqKfyLg_v1AVw0TgjH5i7EiD5kdq3yIR3KjtNNK7E4nCd_xcxd--VFxPVtAWIgQ1_D_CXdtPgf8W7fd6TcuwqU_fXXOJGdXSuhaWQ&sig=Cg0ArKJSzDiJwPYo575pEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wdXJkdWUuZWR1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=706&cbvp=1&cstd=686&cisv=r20231109.71257&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.148 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 14:59:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 0391 8 KB
699 B 75ms
70ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,500,600

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afa3526bf5919d08afdcd76f6073328f2b3a22c2d9a7b7da23549565dedeb649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 14:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 14:43:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 14:59:17 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 0391 32 KB
11 KB 63ms
60ms Script
text/javascript 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 07:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 07:29:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D2C8 8 KB
699 B 65ms
63ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,500,600

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afa3526bf5919d08afdcd76f6073328f2b3a22c2d9a7b7da23549565dedeb649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 14:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 14:40:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 14:59:17 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame D2C8 32 KB
11 KB 59ms
58ms Script
text/javascript 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 07:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 07:29:19 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8AD6 29 KB
10 KB 60ms
60ms Script
text/javascript 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 03:25:21 GMT

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame 6FCD 19 KB
7 KB 59ms
59ms Script
application/javascript 18.238.4.98

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1700751557923
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3778963583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:51:48 GMT
content-encoding: gzip
via: 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:02:49 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 4118
x-amz-server-side-encryption: AES256
etag: W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: FIpFzIu9aThIiRfmA2rT17N7MWwxFGm8Kri-r7-6u9mNuzO8cyFuUQ==

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame 861B 19 KB
7 KB 65ms
65ms Script
application/javascript 18.238.4.98

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1700751557925
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3021171499
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:51:48 GMT
content-encoding: gzip
via: 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:02:49 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 4118
x-amz-server-side-encryption: AES256
etag: W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3kroCJwdFH00H1635dOyOZ3Q10oMHK6RzEJ2vtznyEc35VJhUpk3aQ==

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D6DC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

72ms
71ms

Document
text/html

2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:59:18 GMT
expires: Thu, 23 Nov 2023 14:59:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:59:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 8673 39 KB
15 KB 53ms
47ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 09:24:56 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 397F 39 KB
15 KB 61ms
60ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 09:24:56 GMT

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6948 38 KB
15 KB 62ms
61ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 02:54:43 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame A49A 39 KB
15 KB 64ms
64ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 09:24:56 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 6FCD 0
0 83ms
82ms Fetch
image/gif 172.253.115.148

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvHi9t2obggOz4qx-dKfCnqJ9fSe_kJyUpT3sgiRSa_CM7F1n0L_kmaXnROYZ2jAgDWwWJjMRFkAXq-oVH1QFmWnnhdBMRj6QaqVwZGgTZpp4HEx7ajNRGJeD68LkMQCfuBjhttnX_ytcduZqIfO_cAdJA0XxDEN5M06Q2bxbTaCHQPe7tV6MtjV1s6XX7J7Y2pLGCTI4WzJ8tVI4Ptv4EsbSxi5NGf4Np9IzgMmcU2gDrS9Z32DTUdiwz3o4mLxMIlS0yO71h7tKLCvteWOaFmY4x2OEfO5h1xcrvLghdsbilMRE0AOWSVd67oe-100f6Q_DjEO2wuYEkQpWewNu9w3tLH-nLHddwU_x8UoGYayaIZnQ_zG08_jFSNVnxghER25sVm72sfJOcsPlK0_UssHRBS43mFG1Fuzwidc6Ir_jf2JKrf_yTqNT3GxQHDrONhoQxh_UI4rvDQ88hImAUtn_8GXazwsdGI2btM06w_EgfTuZ5kRSHjzFwxe3noERdOXcJVmMs2TjCKPIemBUf_2BOuHwcH0c_-1w8DsKakST6yqI597Qd5mlC82kDnvyjLZBebkBzb-Sb8ckaECe4gGFPBkPceBLH2uzVv6xocxPar507LxQEInnDP74epq3dZTerBQvekm-U_oMjSmqn3RtZ7Bv9f_6sPe_TLKT74ZBb_laBx377SnGA4WCfYQ3Zbu69gInzGZBw-7bT5nNKDOQWyJLo-PzAw4IdxlF3HMZNf1eXHVgFVQLagNHVrZcyb3ezvz6ZFx5udHaACpzuy_loqcHCbu1wS3Owdo8cxIvI_BvcS54IofEQwQvwrCaFI5TqTp9suDHvocnoyJTfSE9qO7afs5Whtj_zrj53u3fhNv5yuJ1M0upFYkAcxUa7OIyg0gGGbWLqNKcFpZhYTJQKDIl9a4czO5ukk1fiES9eRCg65Dppb23R3wjdf0uRtrUkQMbmkNF6F17ndfdTuMrRo7NHIXralgPN89i5l7ePMuavCjmOFXBweC_pcgHqq0jj2U1qcCYzzq3U_IuH9lGP1ZmeaneXPQ6QLwOi7AAgq02IjpFwimtcWm8fKTtABAigzmHymuQIsYKVyxlrnR0Dl8jDwAf97phkh76NdXgcuXkzSfF-I-55QtjYuQTA-ilq3DJgTMo4YXnzZQZ-W2oaYmS7vGK1--Bd1_5MvReBw3ubtX_l75jvxCOEiwyzprcjutH-4rnVzpA63OTjgw0FKlFPysETEznSXgvh_nzFdI-t0vEHD4kdQVpngzFJRCLPhY0wL_ymAo_B5iN5c1bKJIpy0TRV0xT7hmj6Z9MM9nUIfvwMhg01d5x10LiBv-VjEfy9CdtOUDzq81JPbgAmG0h9dtf4E1-JPAUNgghG7rN5zJ4JXt-iQdcff0LIgPsTz1QbUt8tisMv9FGPKrkXCNqDdSm9xFg&sai=AMfl-YSx-JKm5BwaStMXQ9QLXF_iZrQ7ADiOApdr3XyOrByoGIAEg3Ekjxvn8WlWg6VKIpV_HXCdfCUDc5ar05fWNxcIDWlR6wn-e09NgWfYAJKL2p3nYZHjU-b0MgYtGkEHtwaM-E_jXmBYgTXL7AXH5QvQlG0IUK6mwyE1dHKVQjTNveIa7UQLHzRmt8WSevjuKNbXpflG-2iGYtWhDwx4ofxupuOkb14J1p41jEYK_HGzBBdN_paT5cbfbaqdJZPKJFS807IDf5cYU6JH7JjhRK6PPupgk1wzrzsNkGVcNF9y4rMEi6HBzAvCUbh8HO9Al-TTb8_sXL8gcBMbeGhIbS2w5aavkzzgF-nVYaVUMb_9kfU7cIbDUDi0mu5OH3AGOSIvnLM19gdrVfVttBlv4tbQR572u9yg7jI_bmcr6JE43KtQlBgr5A3Rn1beHvnP0JwtV402ZZ83Tvhy_zFX_Et-G8NGLdoqn_lcVii5WRdUggckglPrXFCCLzIepgP5z5CEm5dAQF5ZLQ&sig=Cg0ArKJSzHaddwyFnqpXEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1301&vt=11&dtpt=784&dett=3&cstd=505&cisv=r20231109.06213&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.148 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C533 0
0 88ms
87ms Fetch
image/gif 172.253.115.148

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstYZaFNsrm3my6sD-iCDCaToUe9CwZWHWFqNxSccg70yUOItQ9Xmtwwhf2O2Yg2UArWNpd-xbpR61R0vIXkoLE0yzwDlMfwp3MTGW1wZtCFI7CO3otImw2SQrwN1C29fn3eaiXW1R4Og9ldVMUITubIsRI0R6SVnkMHx6cOEnmXPcbPMIxu_vrwBvUREhNMWpJ61VvCA2Letve_vW9maReLZuoYddla4MdJnqmenT09Kp8tiL9Z4hnCUdC-ylllN80Kmfs4z5vr4_HS_gTaS9su9YWxHd_Gax-SXtoTWk7nftJ3MNoxs3g0Z6aGkWobcXLBtywfMwHKNb99nD_Cf0wIKLM_YrR7Gsf1LDdCcInj7rKPIVX8j0pzAvCux3EA8kwquzXgMeL88QPjYbtQj-1eH5klvOdEM8a_GQJe0HlxMsxEpbM4qayxY9iGHhIClMAsFv-COu9AhOY6B-C_EABEy4ERnBVuFIprOq-VmQca66RYcbOYwNx1nm0jpNp941F3-5Yer857M83D62yxdMlycnm6ejgNJpoCtca5IbJaI1qiaM6IFyZq_gRSTqz-g6rkT3gMKeeUCknBzvxVq7BZdYnPQIyOZ5KHp-W0-LmZoxFB4u9XUPXv5lyn7rlyEi3dAESm8a9LwrBWdCYbNLaLgz5FB7ZIqC0blMGWv2BcDmiy2qvrQ4D1s5t1cEhZH3RjYZXCErqg9PfdbTAKr4mxE8i7cqVEjKPs2wosNLsRQQcbLbdoSyqaMs6MJlzzX_ogSgy8rtF4hSP2HDtkKM9UeFrKBd-Hg2h3g_W_1qXWcpiDvAecEJLS_TvuR9cW3VqrGiuKy0lE7-60PZefNFgEyPOzZBl_xbq6fA4tvkMJdawH--dUWF-Bk175BwqZzcRospczVQEjgtiQpnpBOEfZhLoFyCzp51Mr67MW_o2g5N6BKRIHLZckDzSd6xhi2cOBBOqhW3Gjr9YZE2NetaVTNA8um2SNxgCIN5BijJ1J8Iyga-SdaFisSjhpr0iAtjQH21j1K0ybWL1P4VgUP9KnRJoG3y4_GzG284X1TToDXe-K60DsRnswYgv7-NaXRK4brnKWK_YPH-SeZRpsyn7m_7wL8bt-6ebqFJp8ZE4-BL76pwD8txod82tzGCHEMu3D6ykKXW5x4J3QGofdDRIypz5ruWLganArHYgDMT0lqinDII2xuJgdfzNflbC3hC_Ktt1UEtpMg95FPJFLC13m-gPOOWjSOQYvipF4MEkYguX2OfpRS9ue_4-pHA2uMdENt6k_hADZAPMOHGHkTnNL2hrR8-qh47kSjSmwvbwP3g_sz_V130GHsJpz1WKnubbjQ0u-cS8RPEHowyGq0XCRjLox72g_cTctXanmGIHVhv7nv9OUC8KHDb-YrarHBUWv5w&sai=AMfl-YRYVkYGad-vp7poK6efQdBXXMFnRxEf0bmX2Y01FJYCAvkY9CqVAY-UCFpK4ASOdA1NE2M0hQOwKuP3jWcoyi91FY5VXqhcnFoawNB0655eICtQudFU2LD-IYoFz0v5Zk9Rb0fzKV7aRbW2QjTMW1Cw24yeTTvvwIffSn203K-hVtda3NcbXgVV8rlTgVGCaR4lC3aDppHAlg5FUhl7TbTOg8DVDLWr6VFsgARoAF7vSe9pBfeyxEpz5R8kvVHZ7ph9X_B830EJYUBHfnVYGDAc53vpde_-uVxW08YXm2_cnS0KEsozerUDEyfYK6Z4o_7FRTe1Jyc-uNN4VXSaRLjamn_f6bZExFF_aXutOxwEUeOioveFe8TEO--98nqunsqZ2uWIGdc8WXv2ikDHwbhG8E_pWRyTb6NfgVJqKfyLg_v1AVw0TgjH5i7EiD5kdq3yIR3KjtNNK7E4nCd_xcxd--VFxPVtAWIgQ1_D_CXdtPgf8W7fd6TcuwqU_fXXOJGdXSuhaWQ&sig=Cg0ArKJSzDiJwPYo575pEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wdXJkdWUuZWR1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1218&vt=11&dtpt=512&dett=3&cstd=686&cisv=r20231109.71257&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.148 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 861B 0
0 81ms
78ms Fetch
image/gif 172.253.115.148

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuIZlTLsNhq0ZK5DFUcHiO_Fsd5yEXJLggRdprAV_aCKRuNRWxU76eQD4OERiaePsYC5nHrpK0yFqj2KdGHT_Q-7548oNV2ZZBQob0bq-LTNo6NSWC7iwiphDmT31M_zUkuCRRWVRHk-TqOSsfM91S6qJBgsZg9GaXbsxPPolxPJ7StHOLkCc5sOgVUnUWUrqN-uy1JYjAsr5Bg9crvFne73azznjJ5kjhS38WKDQnLcZtiA0cgJXtKsiVR1dskfRvW3brdjOQ5NbU0XBRQsU-4-tp6D9ThxCdp9IxrNQz2QGjturFtT3pqt86tG122W-szCyBZBpgxDfMqloEqRHy8mfOS9XmRKmFjZCtIz9vKRo66nYAAPl_UJKhOE7ECabiQvxDWytmPqXm80TFp5XwYYVDz0d3CzbDvukzaccgB6ss-pwPbcCiqfVyLxgXtYpbzsLJvaSvCy_DRn8sd-BNQrQNWsL7IbZJmbz0EUL47T6K5ZbSnp5124SsXtJtOJC6tEXv5L_lXFhf-8u32jqI-h4TaO8rBuhc-sYBgAuJwQyuZyijO4C1oeUh5RXmJBg6H1xglDFxfT-Twh9BPMhLZnSTHg4duoSwAXk73hnUOm3n3ZENYdqhBFTiwT4jWEBqn3N-OWuFEb6OT7f_arGxurVVL4wHaAyEzewkNDKSzQn9rqSo-Lwgk2ikQ2XpdwRiaFfuEA0ucnZggXTuYFz2wYeDYjHUROzKdoKKzjfnvhkZ0Q1qdGBetzrPVzS1r7zW3Dy3SJkO5ZSM6oSKnReLyXiEoDM0f48Y9_FH94X92K6vbXyfOkIRm8pvyQalI13hCPgAx2cDmMKqeICl-50DYY5yzadkEM13p9Gb3uqGm5fPUnk3eEFxC9w2Yyub-tCk5OEVktRvTjVVGkCbYObujjNdA6_5hDKe9GqIpB1RSlbKZ-1Id42T-1zKlxZyQwnR1eIy-CTcdS-8ywqxcScOKA1pTAuHpxwyyPYDhs9g2JaKADuWHhef2a7m_kvwDGc2Yl5ohWp57kREgl2zimhCbaIAGwz_owy1tfMNUjV9n5mz30VQ61qjPY8lGDF21g0i3sgdDLwdydwLkdxN3MoIEELZZZSwtrYm2khZTAV9d3HIi0D3ynIaTKi5-L5NOFhTI1p_ZVZ4B7lB9V5yUPsLmtJ2qGOCcPbMWLsrk9bCo4gnyH6uwLOxQW9nHaictSO2KDEunCdsP0V2bjl2ARyjuIU8i-BQ3rKZDa7mJxE4b_VJXsmIkMWbutOp9pZZWi9SjIf16Pl_nUAmUNv71xDdUk6kt3Q2Zw5PA90_KeHu5sP4VMgnMqdQXDt44zG_nF2d53k22nqXvGAkNgg4dduzskyjdakqpfMiz5Lo3qHsI9fODFLkIi7WSpYdVS2tK2SRSkbYsZl_XT7mHqrSRgT2Oa37Ch9MtTeLFkw&sai=AMfl-YRT2-L0AUe4zGZuwfxUFgAoLPtjmLLZQpklvcGhH4lXbb9LJvX8ElhFaxQA_NDl6TJqFddq3r2o1PxL9QcC79hJkp8jDhdQ6L2QGjUDaJLcHgZsW32VWj3pknZA55Hnu9D_ejYmnb-4lvpx6kHhMhCxm5glUPCaZet8Ad0tNfm9AQ1J0PQDJJn8I9IkZ06Gb4t0MC-aLMKmCW9N_4LqASMeqdR1-Vig5gajHI8nJM0AG6XeihCKn67YNwpwejZV5_jsafKs8poJApqeghpjYKe0EeMlmeDiQ1uwfEQMRBb-Tchwg5IwZOzxcLQUJjma7W9j9YnqHZAuw72honwoF4dJFtLAXjDp4zQU9isCWSUrxcXuS0SzOpyIn7KYQBtKt6GRJ3ZZ8MuiYZi4M0hKerSsn_vuQGt2IXON5e3IwoHTn-9w0BpqvkXs-cls-gWjeIzrCwpGJYtlOlGl5IkkCshKF1B-OxDzvTwvDwUtEww92NseAEPPzspTOt7OjVHGtpAVcsk3pGCCoQ&sig=Cg0ArKJSzKrI-AH_bdXJEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1394&vt=11&dtpt=785&dett=3&cstd=605&cisv=r20231109.75554&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.148 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 atp
neural40.cdnwebcloud.com/ Frame 6FCD 74 B
323 B 462ms
161ms Image
image/png 99.81.27.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/atp?882262872054=&n_o_aut_tc=379490306&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.27.48 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Nov 2023 14:59:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H2 200 atp
neural40.cdnwebcloud.com/ Frame 861B 74 B
324 B 435ms
139ms Image
image/png 99.81.27.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/atp?940598903284=&n_o_aut_tc=379490306&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.27.48 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Nov 2023 14:59:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/ Frame 8AD6 9 KB
9 KB 61ms
58ms Image
image/png 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/cta.png

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

73eb54c35c5f8e2a744dab88e6cf04f279c1fe78a0d7c90f940dfdc2580c1b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:42:17 GMT
x-content-type-options: nosniff
age: 40621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9119
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 14:34:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 03:42:17 GMT

GET
H3 200 copy1.png
s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/ Frame 8AD6 22 KB
22 KB 56ms
53ms Image
image/png 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/copy1.png

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2aa9f73f4c780dce6eab0d280b2ff5e3fb765bf899b9c44913f38b0d0e1661de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 07:31:04 GMT
x-content-type-options: nosniff
age: 26894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22462
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 14:34:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 07:31:04 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/ Frame 8AD6 42 KB
42 KB 66ms
64ms Image
image/jpeg 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/bg1.jpg

Requested by

Host: buscadordetesoros.znice.info
URL: https://buscadordetesoros.znice.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

794165c736499e28e3d21d5e270ade440a630ca8b4f5fe70e09ad6fafec8d47b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5952267551811396695/35978-1_PG_BRD_HADA_728x90_PR_LM_5_04-2023/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:14:51 GMT
x-content-type-options: nosniff
age: 31467
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43435
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 14:34:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 06:14:51 GMT

GET
DATA 200
OK truncated
/ Frame 861B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d618b4275b68a7aea2217c53218c5e2fdb0087336705452b13cba5547e42b76

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6FCD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2552248813ba1c8b49d36974005c37e3b372928b1e784b84a2273872af40c20

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 75ms
73ms XHR
application/json 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65598b0b46826e365f287410a412eda995be5f7de9dac7b82edbaf475bf2f63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12312
x-xss-protection: 0

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 0391 33 KB
34 KB 95ms
55ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:24:38 GMT
x-content-type-options: nosniff
age: 156880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 19:24:38 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 0391 32 KB
32 KB 123ms
94ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:02:20 GMT
x-content-type-options: nosniff
age: 43018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 03:02:20 GMT

GET
H3 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 98ms
97ms Script
text/javascript 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 14:59:18 GMT

GET
H3 200 foto1_1.png
s0.2mdn.net/sadbundle/10368321566219671176/ Frame 0391 420 KB
420 KB 98ms
93ms Image
image/png 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/foto1_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:27:56 GMT
x-content-type-options: nosniff
age: 45082
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 429731
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 02:27:56 GMT

GET
H3 200 foto2_1.png
s0.2mdn.net/sadbundle/10368321566219671176/ Frame 0391 557 KB
557 KB 98ms
93ms Image
image/png 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/foto2_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:54:31 GMT
x-content-type-options: nosniff
age: 29087
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 569990
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 06:54:31 GMT

GET
H3 200 foto3_1.png
s0.2mdn.net/sadbundle/10368321566219671176/ Frame 0391 641 KB
642 KB 111ms
100ms Image
image/png 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/foto3_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:27:56 GMT
x-content-type-options: nosniff
age: 45082
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 656893
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 02:27:56 GMT

GET
H3 200 foto4_1.png
s0.2mdn.net/sadbundle/10368321566219671176/ Frame 0391 395 KB
395 KB 114ms
102ms Image
image/png 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/foto4_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:07:05 GMT
x-content-type-options: nosniff
age: 24733
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404384
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 08:07:05 GMT

GET
H3 200 fondo_160x600.jpg
s0.2mdn.net/sadbundle/10368321566219671176/ Frame 0391 16 KB
16 KB 128ms
116ms Image
image/jpeg 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/fondo_160x600.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9f2560efc60e0da15251a65621b4aa8411b5ad19bae6a239d77c051b1a1f86da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 04:29:14 GMT
x-content-type-options: nosniff
age: 37804
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16780
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 04:29:14 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame D2C8 33 KB
34 KB 129ms
36ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:24:38 GMT
x-content-type-options: nosniff
age: 156880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 19:24:38 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame D2C8 32 KB
32 KB 138ms
47ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:02:20 GMT
x-content-type-options: nosniff
age: 43018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 03:02:20 GMT

GET
H3 200 foto1_1.png
s0.2mdn.net/sadbundle/10368321566219671176/ Frame D2C8 420 KB
420 KB 145ms
116ms Image
image/png 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/foto1_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:27:56 GMT
x-content-type-options: nosniff
age: 45082
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 429731
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 02:27:56 GMT

GET
H3 200 foto2_1.png
s0.2mdn.net/sadbundle/10368321566219671176/ Frame D2C8 557 KB
557 KB 180ms
150ms Image
image/png 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/foto2_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:54:31 GMT
x-content-type-options: nosniff
age: 29087
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 569990
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 06:54:31 GMT

GET
H3 200 foto3_1.png
s0.2mdn.net/sadbundle/10368321566219671176/ Frame D2C8 641 KB
642 KB 182ms
153ms Image
image/png 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/foto3_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:27:56 GMT
x-content-type-options: nosniff
age: 45082
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 656893
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 02:27:56 GMT

GET
H3 200 foto4_1.png
s0.2mdn.net/sadbundle/10368321566219671176/ Frame D2C8 395 KB
395 KB 183ms
153ms Image
image/png 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/foto4_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:07:05 GMT
x-content-type-options: nosniff
age: 24733
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404384
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 08:07:05 GMT

GET
H3 200 fondo_160x600.jpg
s0.2mdn.net/sadbundle/10368321566219671176/ Frame D2C8 16 KB
16 KB 187ms
157ms Image
image/jpeg 2607:f8b0:4004:c1d::95

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10368321566219671176/fondo_160x600.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10368321566219671176/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 04:29:14 GMT
x-content-type-options: nosniff
age: 37804
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16780
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 04:29:14 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C533 42 B
64 B 169ms
141ms Fetch
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJOw4eSEfafgcNFT9Es6KXU5PgfN1XP2HZgDLpT_W5x9tm4U8R9r3tf8KXHhPZvyMJ7-eu9Lozl-UbcpUQWhvSyPFRifLw25gW7qNO3hlekiMe2SiUvGMmL7XC9eTWtdLcSQMuPmbCSA&sai=AMfl-YQSRSmjeslcrVWp-sQDxBR00xFKFWI_4fsZAekiJ23ZD8E4LbaEq9fsQRGNEH94UP1Ol76hd1dPh3kIDTVWdd1yCBw0Tz9wxvQB0R4RqwejbgAEUA5YtOQsczFIPiho9T-Y48hub8N2GQBYpIZH9Q&sig=Cg0ArKJSzKe3pUijrSLzEAE&cid=CAQSTwDICaaNrt5ZzZ93R-fU29mkaxVGoOJaxwREkclyOA94KGSgkzPM3afJaeJTE0ANcEGIRrDmC9tVvAc9-Fg2DAVT3DDFIWn7pRTDGfJmHtEYAQ&id=lidar2&mcvt=1044&p=0,0,90,728&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700751556705&rpt=987&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B1A0 13 KB
5 KB 129ms
56ms Document
text/html 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buscadordetesoros.znice.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 25269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 07:58:10 GMT
expires: Fri, 22 Nov 2024 07:58:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 3CD5 829 B
999 B 113ms
71ms Document
text/html 2607:f8b0:4004:c1d::93

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::93 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t9Ee6XRoSknZ2D7iCJQMiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buscadordetesoros.znice.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-t9Ee6XRoSknZ2D7iCJQMiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:59:19 GMT
expires: Thu, 23 Nov 2023 14:59:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3CD5 0
0 104ms
102ms Image
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=221451752236677&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A49A 0
20 B 150ms
150ms Image
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B9fhlw2hfZercFueGrr4PgpaiwA8AAAAAOAHgBAI&bg=!2Nul25TNAAZxrfrxUa07ADQBe5WfOHoDbmypYmyEm9i9xNtuuFiH7snr88RBuuJagB0qFmpC63YwhRYovoD9w8krkVAIAgAAA7RSAAAAkmgBB5kDCYUcSaeE1rTB8Wdmz2QXFO4GqHxH6uPegJQlodm6kvju5fxZ-hOX9Y8gSWFwh974YauUUdDKIAuUcd_0ON5FPWgg8BpqE2TddTEJ5MAu5St4HXHkXCP9j7Tsf4YQSc6DM83cPL_RhJAEgxccwvXhrNe7vGOqUVcxMovVYkipiLpz-aEiG68ajVt4X-dZPOrWftpnBKPYcZY5iPUl09tg-n16pU9lP2HOkdN-1_FmUnGj72NoUQJ60RRWAYeY5UB0rEo49-fOlPt61HEuQuqh8XTae9SqzW9X0HkIQUC55gzEB2RshOH6N6fbkhQmCBdCbG0gJUfbUrXrDwROj0q76PoVuiMi5_Pbe__VspAuR4WJKj4N2f13gzM9WdZuKyjev-J2EvLNWIjS2yuo-3TCDUlay_rP4FJS2C7i2VASe6OP4Ri4H9tGZPR9ymP7Z62Gvyx2OOUDoGjgGB3ni2b2dUAXeQNKCvH928RDLF41NBTB7bwXOAMss7eLG_Z4PTYGALiwM4_ZO732Bc9U7CXJM7c9RT1y26rSqUFX8B61MYyCThGFi0vknKX2AChFLwiXhhWrw_3ODi92Q_5CddvOUV_UBllys5-q6cSGhdsswKbU6yRqMGrOwigsyDA_i-5Pa-PcVpniqFtanyT5etZVBTlpsC_AaKbAndw3bGv1m5HIusyDamnxJnAsDVUo7cr9ejkWYjNJmpaCrQZqDWCkukR2cy0_6OrZ0tnRel8if6-aTnnCSubuWIkQnllGfV-DA6SwUs8o8sXm1I3NKkm9cFqyGms2lgzp4Cg1M65tw_duWiB4MbzpyIDWhKL8XEKspGtNb7JGM01iAkJztSLIOj3JJNZhWOJjkXcA4B8RvDtAhOJBr5CtESaj53c5u1vBa3GAVs2j0mT55HM86EZm5e03Wzvm5Nrz0qwLXgHvWXrOiQN4O8z7PkohalykgMOsqXsKB-x2k8hHQlWgo_eGfcePd3wbw8Z3q2i3BijvOcwEYn8uqFZYHv3md9EOnsbE1-nBEYcXLbNGtg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame B1A0 39 KB
15 KB 132ms
118ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 09:24:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8673 0
20 B 109ms
102ms Image
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BqKq-w2hfZejcFueGrr4PgpaiwA8AAAAAOAHgBAI&bg=!cXKlcj3NAAZxrfrxUa07ADQBe5WfOJigDPTcVvkmA1aZ5YFXoNqm68Mh3V9FKcHsBe5Yb6ZNdMBKw1upz2j7XNjoRK-1AgAABc9SAAAABWgBBwoANDHMzi-V1qZZ8A6Z08WZjbpdDI08RKeqM0qQt16wTQsHHHfJS8QmyDCmjjMcABn1b6WgIeuZAuea4suY-LJ1dNZYkpBLOI5w_zOZf-aYeZyRDyqre1Qzai7Hq4Xva0PK1AHUp18aC_gYwwesDJVSUW6Mn_HMyNSbeoy0P8kLok_SF_33y6xD22lxn6y5YxQvXs9QqOIoIbbELpdpGdN482oaXOZgdQtJDoFKhKzR95loZbL0QNDK21eZoJpfWd7GGVsW6zmk3k0tlbpPugiu-CQhf0-NPRNIVgvq1mJBzr2fkdgt8HA66lSw7kpfEeUdHGuRtcCWn_-CmKdVun_nT6uiUJNUJzXqagCGzWs-qubCkaXWg4v4GqfdWMS89MkLheJ_8TmQVQHa5RiDU35_Ef1Tx96jf06OzpKT1_sbgqikl29YGKVztO2eL_3wrPG1kweHFXDBHllvmsrYXm5tRu3iSAAkszO0BuHgKe17Sg_Gr0nTBYRGtN6pSp9b4aMzobg1wC1ASIx2nfo_SVCjImq4v1Lgg9IpemlRPGMQ0Gel1-b_cl76ndMFocIpr8l8-lXJfnPWKVOjPPJ43SrnJfnmhJBamtXB_X8HsJMfB2GCfX33Q_d65anfsyD0HjXtvkq4Q0u1s1_VhDqBQAbXeHr6gsavo00fhvTCurKbuG73q88ajyfc5fSt988au8MLfu2XxWuc7kJRU1BagyTL-A94pUcfqgnsuSvfNpk-ByWb1oQIA9bzymwdV3Twgxws27cP2yTakdvGSkeEuLu0JfAGC8kVbhR2q56RMkhVthbSBqo_3V0aWzFRyDGrqevVRv2T7CrNCMwd5Oi_3ez2We6UOzhUn8QUbiqXx67gcIoRskx7k6PR-doJnl_MC6MHhRJkA0nHILsmYVdA8DCiqYE2C88ndHqPBRkrXtJf1ZURxeFPzggLF6AmHgZjOSd5ddt-pNJV-p6ul4EtneIC3rh0HDNhhh740C55-Q9Tbm4r1-6uHPMVn05A0HSeIWfMk8WooYd-MY3Pi-hsVjwHX30v7L2YGBaewIUH_vjioQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 861B 42 B
64 B 317ms
245ms Fetch
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstAAaktNjYNqNhf9W6LGkD7CbwRKaxSqrSl3EVRcVT96zYLpI2D8nBs39EG5K2ET3esKfVX-0r7Be_DtSGDAlBbtevDNWdIYgf8dne1cc7oxYqXZl4EWByq8Z1kweBft_Kb4mceRsifQ&sai=AMfl-YSqS5qnNx74AdffpzUch7kOSNs4PMrCjK5r-pCNuXvPASuygJQP5yTi9ZoKdExv5FZI7j4gDAXUQ0GBJ4nytlRbXZsg33Y-QBmeHmf3CjC1-a-kfwkmGdiIyXIwQWwIskXpxQqzTkdez4-wUO7t9A&sig=Cg0ArKJSzAKy4n-t_i7-EAE&cid=CAQSTwDICaaNrt5ZzZ93R-fU29mkaxVGoOJaxwREkclyOA94KGSgkzPM3afJaeJTE0ANcEGIRrDmC9tVvAc9-Fg2DAVT3DDFIWn7pRTDGfJmHtEYAQ&id=lidar2&mcvt=1009&p=0,0,600,160&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700751556443&rpt=1214&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 397F 0
20 B 220ms
196ms Image
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMKlyw2hfZencFueGrr4PgpaiwA8AAAAAOAHgBAI&bg=!0tGl0Z7NAAZxrfrxUa07ADQBe5WfOBY-oKwBRLiry1rmijhxG7T1qovyD_BnKY6uOMyqi_7O3XSjLPkT6kn0rUFVtDINAgAABf5SAAAAGmgBBwoAMZu4iAkirXowpqsujyC-m8h1jEF0bL20mD4t4B0bvGfRj7_r-Wu7E4ME2BoiXvgfa1SZAubiQsOnBwYhTejnQC-rsgNbgIw4UVcG6IBXDtQ1wk6vWaPh7Ga8h9NfvoVDY8FyPB3N62qZ7Zrl1xgKeww58p4t9imtcIsYnfSrCbWVVqyCxcsUF-ppZtupBLtcaof0kWqDRb_tzYmxowQAhfQrugzcLiDbyZD6z8jT_z4phRYfTjDHlSuIgWqmvuyfQ61yq0Tepd3TG4WC02gMsl0VD4EBEJStmXBNSyZNpgdMaqjMijDR5JV5trUsmw-c-ygI3XCG6qhGajdBgfM5Hz10c5ftYR7jCyHHbWTKh551qTaz5dlojW7-F_KCzkpSqhFDcHfea2Gv1JHx8-IFxbGSEacC9nYU6AJkymUwq4rc0BGktRQHfQAvrRsNB99o5Hj1NZ7p7xJACdq-EYGdVYD1dXoy70q80wPduEsvxyQcK6xaqZxfv9Qd_NbkdhH3Ow0zTu92qpFHqj-Rr1vROXu_EekRVq0pXoMY-0sctaWOFLxYQJxs_DqLsgLXL8SfLCRQY7mQIjdODhuk83F1iUD0qRShg0Ekxe07L4QWdkwUdUM3L5c2-IsyW9za0h49lVRnbRWPXHiNGwpCU7-9QGMtxeLTTuCDceMMFNx0db5nMRkZgh8cEP2KQr5zkaFAV1sQRLyIKhH7DjUEomqnT5Erx6zgHHQYgt4fGFGgsX7WlTBUXb8RKDqqpuWgi8ryHHzAWGGOKbiEykQL1n5pcMOsWAq_mtek5jbXptcnHJz04OSlKqWcsDPLJ_6NCQMfwjikVap3i21eByXq3M-qnS654rYpUYXwzoFjWd-7Oo_RxOKEP-lQvdotXDaZ3RayQ_V_3oQB8yHgpgh3VrBnArIcjKUVLSL6vT_cx44_IyUyGM0y0TTm3QZNga2kWwcBwmZ40XMX9ObC4KWa-hga3OFZBQzzvRFNxqNaXSz9qBTDPHM2-4-E7mmYM5WAFdG1Qcvc6wsrXuMsP69N5dQYngSjh2Y9xRku0Vks

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6FCD 42 B
64 B 382ms
359ms Fetch
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRytW9vsfUNrmMnE4aJWWKiZXdWE5hXlV1x6vF-dSxcVKb8KYfEMl3zvG1p2rPVeAZYSwPUsVY0wWgui9-UdmhYa2lS6wjFoFJzSeJmTKXiKTootPXYQ_SI0rFPjOKZQH45pOiuqwYmg&sai=AMfl-YQoh8JHsbGepuZF_Hb5YdGb-shndeC5ujqFbEJ_9Q3WwvlNoVy4MXyBUuns1xupqyNntTu5IyeDL8oeuMKS4BJyuCLw0Mkob6fi8gNHpzZPBuO7CX9L_Lxc7myztS_o79McfZKHfVb4_IeVO4XjLw&sig=Cg0ArKJSzPnwb1GUbSgZEAE&cid=CAQSTwDICaaNrt5ZzZ93R-fU29mkaxVGoOJaxwREkclyOA94KGSgkzPM3afJaeJTE0ANcEGIRrDmC9tVvAc9-Fg2DAVT3DDFIWn7pRTDGfJmHtEYAQ&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700751556453&rpt=1208&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 14:59:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B1A0 0
10 B 64ms
64ms Image
text/plain 2607:f8b0:4004:c07::84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_LArww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::84 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:59:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 200ms
199ms Image
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=221451752236677&bg=!k5ClkN_NAAZxrfrxUa07ADQBe5WfOMT1gFEKARRNpQP9nnrbGgl0ZcnJ1P4zTB0oWPhIHnGNX_PsSvuIq4CSMOiv7HKQAgAAAdRSAAAADGgBBwoAerNWGSGVKJsg8hYU7e6YGCqzELdchil64dZAZ2K4enpTpWtNHHbQE-D366qt3QtIyIHNFpSQvFU7GjHlWMnWGjqbHvTLB7RZADX7K54YYp2AG5RkwglArIb8HSgFYwnQMtgfW1nMejkTEH2CRC8tDYtBBUJ2iW_Q8a03mQLZCRXKfwONojQXQnZfGrnY2YpRK0YiCg-BeP6vfaxA6L-A4gbe649kwzQKhogr8KfclVkMrZtyLIg8sPF1w2_3eI1HftpEWfD0O6db4prVhXzrEQzzIn7aXFYHAFzx8DqQk9erE4RUNcxOHnpwAdGxV0ON9AdyA35kiZ6PnjCpf-WxVBk6JM8VxWC1-XjqIY1kIqXyH4l4utb0c2R1o8eZXSXa0U7Ica0eTMzGAyXSZks8kWvKAzo1E3Kz00QG4W494GSI4niuiUcI-V9wTnHIXjjpjr50GTJtPbSHD-1cRBslHIrqNhQT0UbfDoUN0QkyxtGAFfZ4va35BFkA9tFyFCmcI5uFE223-buT_G0Gc7ZWpD3wCsZI0Wo2z7UG4BvaI9VlErckPt7oEpoRLrj5tvuBQ_nPtqPfL407mBYV562y1O7OXAk-CWlUL3_0IXWfVKPyM5cG9mxvkoxR8Kz0jUfVwyQmUV6W-QfLyVIrdC-zO6guj632_OZVft4Brkb61BGSBAMwg_3DkOwBm5dWIz0ODf2emYAXuzSNr9U750l6JBoBCvIlUfFseEuM622ogjFl_5QXL_tuCK48M4qTMLfgnPc2xUFnCfH1gUizCz4mlcUbSubAhO3xX_oeOmtKcTcmQmVMOxzkytkGYDNjgw2KPImIrt1mQhuQom1I2e8l3KhMM--YoS7b9lmv2ZfB7upTc8yAoU9GicghBe2kpr6UPfiXbHtTyM9by011nd6H8m3_4hafIc7M-XCjD1frz1DsVarSliVtFUUbO8ViXzK-Uil3qjqRwcKyBc1dW1SVP2keEG1i7vBTls4mjO8HpeM9WQihjh2UVCAcRI8lpC-uXAsqtFyOoTbGvQ70J0EtTBuCQonuvwxsTTg0_PeFnCP7Z1tVRvbbcV41Nq67JXyGZCZ21UsOhq4ELtCLyB9gXF_bsTh89KC-H32taNCPRs1tR4IwpRH7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://buscadordetesoros.znice.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bpggmmljdiliancllaapiggllnkbjocb
URL: https://bpggmmljdiliancllaapiggllnkbjocb/logo/48.png

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.znice.info/	1970-01-21 02:01:51	Name: _ga_WLR3XWFG0N Value: GS1.1.1700751555.1.0.1700751555.0.0.0
.znice.info/	1970-01-21 02:01:51	Name: _ga Value: GA1.1.1692980031.1700751555
.doubleclick.net/	1970-01-21 02:01:51	Name: IDE Value: AHWqTUkZiY7d2FDwkOBL7cT5-phkvqo3ZKZZ0g0YDSqj5-RV3JyRm8jjXWoEK8qN
.casalemedia.com/	1970-01-20 18:35:27	Name: CMPS Value: 5561
.casalemedia.com/	1970-01-21 01:11:27	Name: CMID Value: ZV9oxavHUV2C9jF-UI91MgAA
.casalemedia.com/	1970-01-20 18:35:27	Name: CMPRO Value: 2733
.znice.info/	1970-01-21 01:47:27	Name: __gads Value: ID=cc457238795ea391:T=1700751555:RT=1700751555:S=ALNI_MbL9lLHUEdyRfb0CM3UN_ByoEYr_w
.znice.info/	1970-01-21 01:47:27	Name: __gpi Value: UID=00000da376e99487:T=1700751555:RT=1700751555:S=ALNI_MbUg8f7KQDyLZXfB_GqEgkJFAoANA
.adnxs.com/	1970-01-20 18:35:27	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb<v#Mh3!@wnfH8K6pQK`!5=E<L5?%Ltj7D)hf]BU^8>(2#cy533`E=R_@<hz_cX9!7bpRzqF1`b`!**=rnB
.adnxs.com/	1970-01-20 18:35:27	Name: uuid2 Value: 1402553642844981781
.doubleclick.net/	1970-01-20 16:25:55	Name: DSID Value: NO_DATA
.neural40.cdnwebcloud.com/	1970-01-21 01:11:27	Name: n_one Value: e037b3c6-8a10-11ee-b267-0242ac110002

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bpggmmljdiliancllaapiggllnkbjocb/logo/48.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bpggmmljdiliancllaapiggllnkbjocb
bucket.cdnwebcloud.com
buscadordetesoros.znice.info
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
neural40.cdnwebcloud.com
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
bpggmmljdiliancllaapiggllnkbjocb
104.18.36.155
172.253.115.148
172.253.115.156
18.238.4.98
2606:4700:3033::ac43:d4c1
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::71
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::61
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c1d::93
2607:f8b0:4004:c1d::95
68.67.160.75
99.81.27.48
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
08f4be8335f82926e09852c42238ebf0ced03e2840d59d4801b666c7421a0b2f
0a08b0d839953de4b16a97c0089be54524b6b55ff2518b7f18aacd10e774c0ac
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0da41d2282aa367095bffff22b37c2ddca72d67ab2185ec0dd68f413c6a81c05
0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9
0f338f4e3869fbfddb17989baef2bf26ac8466d2a740e25c58f389de55508b43
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186de34a68b1eca12ae851c34b42c2fa9914a82b51915f53ee5c0ab21bdd4cde
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1c9cc76fd52238330f0aabac35acd2cac0f04b7890862e61e013ebbb8513fb5b
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2aa9f73f4c780dce6eab0d280b2ff5e3fb765bf899b9c44913f38b0d0e1661de
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30de076dc026e18d1de9628ef1f179fbda181ced8ce1ff6b27c51afb9e1906f6
30e841cab39011ce11e3edaf1936874d8879d5cfc03d262a3245b5b94f0da272
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
368efacd9e5bb12a61e6009384f5eca007fc8ae940c9cd2321a084ad929d8f4f
38b3d1228cd383f879799a6314de8017465a3e6dfc89d022258c5778e1c25097
3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d
3af8b16e1775765e78349d6dca53dc7b4912d053f357a376424bbae8ea8cc294
3b894a4d460bb7679a1bda215952ddea1ab6c60591353451fd315daf8a281465
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c505383d37d2078648e37868bbd1fadf64a1c92dad2e03fff532ffa84e7635b
3d618b4275b68a7aea2217c53218c5e2fdb0087336705452b13cba5547e42b76
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
473c95a4f6d851fe41044c36bf20e6754efc307be545781fedc36957998ee83a
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6297b49ce074c9ef4f74bb1a751e6062b7ec575c48cabc71d78beec2537c3308
65598b0b46826e365f287410a412eda995be5f7de9dac7b82edbaf475bf2f63a
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6f6784f61c55c8f5ef533149642451a6cb518bfb63db412131331882c728733a
73eb54c35c5f8e2a744dab88e6cf04f279c1fe78a0d7c90f940dfdc2580c1b0d
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
794165c736499e28e3d21d5e270ade440a630ca8b4f5fe70e09ad6fafec8d47b
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
85d3987a45a0fdca18652344761e0dce4f3616d51f7788ad3447c18a8eea5291
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
981f4081368070691c18cf4ad14efddb8a173d750cdfd8823f7c94297f50cfbe
9c3bb5ec2523ac6d5a9a5da20ab9e7905fc8aad492900e446f10d6c11be2bd1c
9f2560efc60e0da15251a65621b4aa8411b5ad19bae6a239d77c051b1a1f86da
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a7fe9347c265a8ef227a2c0e3e0e6e62e75f14784355f556fa9ddb864c5753f6
a8f6cc8d212c1c81c7dded25fe1bff7294ecad0cc912446de14e675388580df2
a92aed3683d448908e52d5b2a0fc8195a8872c5e60958f637d5a7eaf00f56675
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
afa3526bf5919d08afdcd76f6073328f2b3a22c2d9a7b7da23549565dedeb649
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7ef2cd1159a8cbfd271ff2abe07f237a46f6fa056eefd2e9018661f93eea137
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c2552248813ba1c8b49d36974005c37e3b372928b1e784b84a2273872af40c20
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a
daf51ab540602b2d0b87646621637bac38889bb34effb8a432ae739aca78b5c0
e0b050f669b9fff6dc0f4b37c032610dd4d076a292a4bf347a1b2863606b031e
e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9812780a6b94e3ec7bebc5347cf06203ba6ddbf32a998efecce888fa02ce9b5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef48f682c80f261d3766d302b8c1278df2c1d1098394be44f223297377bfe352
f12dd342f85833d794cbe0d86b7dfdb7330589a2d5736a07f32c166185225925
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68742ffe98e67ea40137b6ff6cc891fcdab289ae195500b8a1226f67588104c
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

buscadordetesoros.znice.info Open in urlscan Pro 2606:4700:3033::ac43:d4c1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

167 Requests

92 %HTTPS

67 %IPv6

14 Domains

19 Subdomains

19 IPs

1 Countries

6308 kBTransfer

9328 kBSize

12 Cookies

0 Outgoing links

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

buscadordetesoros.znice.info Open in urlscan Pro
2606:4700:3033::ac43:d4c1 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

92 %
HTTPS

67 %
IPv6

14
Domains

19
Subdomains

19
IPs

1
Countries

6308 kB
Transfer

9328 kB
Size

12
Cookies

167 HTTP transactions
4 data transactions