931elrey.com Open in urlscan Pro
2606:4700:20::681a:3b3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://931elrey.com/
Effective URL:
https://931elrey.com/
Submission: On August 08 via api (August 8th 2021, 3:34:41 am UTC) from US

Summary HTTP 164 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 51 IPs in 7 countries across 42 domains to perform 164 HTTP transactions. The main IP is 2606:4700:20::681a:3b3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 931elrey.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.

This is the only time 931elrey.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:20:... 2606:4700:20::681a:3b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
5	52.239.154.36 52.239.154.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
1	13.32.123.5 13.32.123.5	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
21	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:49d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	208.92.55.26 208.92.55.26	13360 (TRITONDIG...) (TRITONDIGITAL)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1 1	31.12.71.114 31.12.71.114	44099 (RUNISO-AS...) (RUNISO-AS RUNISO Autonomous System)
2	31.12.68.105 31.12.68.105	211945 (TARGETSPOT) (TARGETSPOT)
1	54.146.124.230 54.146.124.230	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
23	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	52.58.248.241 52.58.248.241	16509 (AMAZON-02) (AMAZON-02)
1 6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	13.224.96.92 13.224.96.92	16509 (AMAZON-02) (AMAZON-02)
3	18.193.17.216 18.193.17.216	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
16 22	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4200:3aa:8894:1069:c551	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	3.120.52.200 3.120.52.200	16509 (AMAZON-02) (AMAZON-02)
1 1	52.59.79.213 52.59.79.213	16509 (AMAZON-02) (AMAZON-02)
2	13.224.96.76 13.224.96.76	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	52.22.84.205 52.22.84.205	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
164	51

3 2606:4700:20::681a:3b3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

931elrey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.239.154.36 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

simorigin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cdn.saleminteractivemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.123.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-123-5.hel50.r.cloudfront.net

campaign.aptivada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:49d1 (United States)

ASN13335 (CLOUDFLARENET, US)

salemlivechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

content.cdn.targetspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.92.55.26 (Canada)

ASN13360 (TRITONDIGITAL, CA)
PTR: ash-db-sl01.streamtheworld.net

np.tritondigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.12.71.114 (New York, United States) 1 redirects

ASN44099 (RUNISO-AS RUNISO Autonomous System, FR)

node.targetspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.12.68.105 (Belgium)

ASN211945 (TARGETSPOT, BE)

nodeeu.targetspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.124.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-124-230.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2cba7a9c601b81f842461921dbfe8bb1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.58.248.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-248-241.eu-central-1.compute.amazonaws.com

us.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pre.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-92.zrh50.r.cloudfront.net

cdn.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.17.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-17-216.eu-central-1.compute.amazonaws.com

tracking.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 169.50.137.190 (United States) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:3aa:8894:1069:c551 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.52.200 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.79.213 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-76.zrh50.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.84.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-84-205.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.140.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7aaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com 2cba7a9c601b81f842461921dbfe8bb1.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	662 KB
27	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	170 KB
24	simpli.fi 16 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	14 KB
13	saleminteractivemedia.com cdn.saleminteractivemedia.com	591 KB
9	justpremium.com us.ads.justpremium.com cdn.justpremium.com tracking.justpremium.com pre.ads.justpremium.com	80 KB
9	googletagservices.com www.googletagservices.com	328 KB
8	google.com 1 redirects adservice.google.com www.google.com	1 KB
5	targetspot.com 1 redirects content.cdn.targetspot.com node.targetspot.com nodeeu.targetspot.com	4 KB
5	windows.net simorigin.blob.core.windows.net	315 KB
4	facebook.com 1 redirects www.facebook.com	365 B
4	facebook.net connect.facebook.net	166 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	unpkg.com 2 redirects unpkg.com	2 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	google.de adservice.google.de www.google.de	1 KB
3	gstatic.com fonts.gstatic.com	45 KB
3	931elrey.com 1 redirects 931elrey.com	12 KB
2	openx.net 1 redirects us-u.openx.net	481 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	968 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	pro-market.net 2 redirects fei.pro-market.net	852 B
2	intentiq.com sync.intentiq.com
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	961 B
2	tapad.com 1 redirects pixel.tapad.com	886 B
2	googletagmanager.com www.googletagmanager.com	67 KB
2	jsdelivr.net cdn.jsdelivr.net	10 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	googleadservices.com 1 redirects www.googleadservices.com	652 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	bluekai.com stags.bluekai.com	603 B
1	bfmio.com sync.bfmio.com	421 B
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	krxd.net cdn.krxd.net	395 B
1	postrelease.com jadserve.postrelease.com	538 B
1	tritondigital.com np.tritondigital.com	682 B
1	salemlivechat.com salemlivechat.com	43 KB
1	ntv.io s.ntv.io	109 KB
1	aptivada.com campaign.aptivada.com	14 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	googleapis.com fonts.googleapis.com	1009 B
164	42

	Domain	Requested by
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
22	um.simpli.fi	16 redirects
21	securepubads.g.doubleclick.net	931elrey.com securepubads.g.doubleclick.net www.googletagservices.com
13	cdn.saleminteractivemedia.com	931elrey.com cdn.saleminteractivemedia.com
9	www.googletagservices.com	securepubads.g.doubleclick.net
7	www.google.com	1 redirects 931elrey.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	simorigin.blob.core.windows.net	931elrey.com
4	www.facebook.com	1 redirects 931elrey.com connect.facebook.net
4	connect.facebook.net	simorigin.blob.core.windows.net connect.facebook.net 931elrey.com
4	www.google-analytics.com	931elrey.com www.google-analytics.com
3	unpkg.com	2 redirects
3	pre.ads.justpremium.com	us.ads.justpremium.com cdn.justpremium.com
3	ib.adnxs.com	2 redirects
3	tracking.justpremium.com	931elrey.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	931elrey.com	1 redirects simorigin.blob.core.windows.net
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	ce.lijit.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com
2	pixel.tapad.com	1 redirects
2	us.ads.justpremium.com	securepubads.g.doubleclick.net us.ads.justpremium.com
2	www.google.de	931elrey.com
2	nodeeu.targetspot.com	931elrey.com
2	content.cdn.targetspot.com	931elrey.com content.cdn.targetspot.com
2	www.googletagmanager.com	931elrey.com
2	cdn.jsdelivr.net	931elrey.com
1	pixel.rubiconproject.com
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	stags.bluekai.com
1	sync.bfmio.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	i.simpli.fi	tag.simpli.fi
1	cdn.krxd.net	content.cdn.targetspot.com
1	cdn.justpremium.com	us.ads.justpremium.com
1	2cba7a9c601b81f842461921dbfe8bb1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	jadserve.postrelease.com	s.ntv.io
1	node.targetspot.com	1 redirects
1	np.tritondigital.com	simorigin.blob.core.windows.net
1	salemlivechat.com	931elrey.com
1	s.ntv.io	931elrey.com
1	campaign.aptivada.com	931elrey.com
1	tag.simpli.fi	931elrey.com
1	maxcdn.bootstrapcdn.com	931elrey.com
1	fonts.googleapis.com	931elrey.com
164	57

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
app.radio.com
saport.halfoffdeal.com
recruiting2.ultipro.com
salemmedia.com
cdn.saleminteractivemedia.com
publicfiles.fcc.gov
kryp.christianjobs.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-05-19` - `2022-05-19`	a year	crt.sh
cdn.saleminteractivemedia.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-16` - `2022-04-16`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
campaign.aptivada.com Amazon	`2021-07-09` - `2022-08-07`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.cdn.targetspot.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-16` - `2021-09-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.tritondigital.com Go Daddy Secure Certificate Authority - G2	`2021-01-19` - `2022-02-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.targetspot.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-25` - `2021-04-19`	2 years	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tracking.justpremium.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
justpremium.com Amazon	`2021-04-04` - `2022-05-03`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2021-04-04` - `2022-05-03`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://931elrey.com/
Frame ID: 7E8E8DA9466A23B78C3CC1658E4279C6
Requests: 90 HTTP requests in this frame

Frame: https://2cba7a9c601b81f842461921dbfe8bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3BDF32DA2AC1BB2830E6AB168758773A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZK2N0J40Yr4v6LbI67mQxvvP0G5hF1SwncWUAI0aN8_8o7FzoTr4GIL2QsXxnJJ1u-QM5WTkhu83xXi27WYP4y6HozxWUHghodfmdoyt6YwUkr-lBYbWn2tkKlz8_GDOzD_I71kkzxP39XHR72yDY0vxnGJQY37o64-Pb7ESRLaQ8RPKU7FprffA5muz_gb7dHxmcehdqPFNMkAbbZ3Ngi-1mY1Mw8aT7PodhljhVkokODRtRzBDXfDJH_b0gA5xQhx0voRHRdfVXxeFNQVEeWjf2LJ4n5usDBGwdMBw3SshZ&sai=AMfl-YTzXKp1w9fcYbvwO-ZnL97LrWmapU22BVWeRcLulDAKfqgSrptEl8zXPaW9eSQGlfOrC2-KgVDPtWfq2IfPnMYmani-U1EN-ZGwGItrk9SI1xvsxAjh4iVssWyAenNq&sig=Cg0ArKJSzJ2uVfqFkXu-EAE&adurl=
Frame ID: 096C6B309157C5DDC764B2CCA840A220
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMu4BMI2RXg1wy0zqPD0SIekkXLB12QXJPFy6RjBLpdD6etF7nx41UxCoNjD47Rd8YpCYjHxK2jx_6Pd-BW_Zjmmi4_ye-P-AGcWRmpk_DDkrNz0GtVR6sfgT1vHViV3azQBwKaK3tn2j2VI9DPfHXaG1dQ6XLak2r0s3ei3kNy5B14Q1z3oU4ge4HwPaUpdLs3mIk7KNIDgsqlp54sWETuiZU4VJ05uind8cUlcA_cH5sEjQS_ZoZ6ZhE341-hnHPHZjYNUUPN1bGEs2GF4N61kHBYNPfz3KUTHWZg4z_Yai5ARdGYtXzX4I&sai=AMfl-YSi3Ls9ZYvCNZaZARHQ8b2b-EYOb6qHG_OmstVWYG4hboIKCB1wxogQeIvaCnOVREYVIdoSOYw5HvG-fOvrzKo-ZDcLuHY8TqGGZsZ0gWUtgrHwlRm-i6z0kfLbLI4U&sig=Cg0ArKJSzDP_YI4I1OHjEAE&urlfix=1&adurl=
Frame ID: 5E607C80F155ECF49745D4F57FB444A2
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFlsx0aZCdM2EZyqeABxg-WT4UlAHjWiWb23ZCULy4GCTBEY1u3P7UZ3jBX38ZkXRZYMUKeHVPPiHMimGo1E935YYS7gjb7CgO-zEPTHM26Gknpan3k5ZzrjMfBacUz4qeTPrQcB4MqydvLNqWAdvndTSaQG6rE6ukpXGn--8jHJ27joYpfcxpvcMHl2WJNhvs0dS_jTalwHuXBY2un9gk4AOhYRlB8ta3kKJk89xJvMuX9RwyzWvtarHktzAHUWeQ8SfkzTcz1jmsNcfpqsoqd8ya24iFXf0oCUxC4OMmnTnqpCVI&sai=AMfl-YT5xqaMf0nLSjrhYguuC6KqbZ7iyTXOKDS7iVZ9REjxao4da6tEeF3B7HY37FbfZZp0cCYq9mEbQlQCD7a4Tr0g3KkM4qpwtmluHlFAvzhEttUUou10yGFD1DRfs_3r&sig=Cg0ArKJSzFW03I4McjQwEAE&adurl=
Frame ID: DF780E65544B81A9D18007D930419489
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSS8CnqGTOiPEO1npe57VoSenLoTnp_8hBvSEismE-8YljjbOYsrjBzz9KXpolAGZGJjeLayhe3JsIF2tWa1fmtZiIwViNUTNlR26oofjdLuf-_78chap_iXYixe_9Yqs_z0ZYFcpjweAB-zb9QVE_WQ5F-_lJgM-Xeiq9KeNbcA3Pfe8hmiDvoxMdm5KDAK1CKSDjRbZXj3VzkiUvw_OHtrYW4y0uIjvkMD_VX9HeUPTuu1jX68M0-kLBymOBwHU2OyPs2mldJgl8Ofrj8cSRqxbOwow2Ds823csRSL5E4j2sUIio&sai=AMfl-YS4f19N1dfYBSyjfvepiG6t3Y08DJWnLYzglROqOQvhw1xk-MPODkWSLdx-YCT9MfvTJLenx69NgJl7vrfUBnAfcYiIkWpXeFiGVm5ywiyGOeIsKlLXWPbxMwT5hiya&sig=Cg0ArKJSzNv9IUhH88ZvEAE&adurl=
Frame ID: 6ABEE8440B5A6E593B85A29EB3E9C215
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutR_lSs0jPyvq8-zG_jLqihv-XOe-hrFcM48LYh4RAW_8kGTRDeLEcR1SZlbtAsJWjLeChlZ3ZoxKvC8Do-AmijIrTSysKJUVMCdVbrFAiodGVmImf8roUPMs_nuAx26nXTHSVvMS2clU7wrTSQhGm9JaRPD2BBBsfvAKgH0UwdIJGJy8ZXe6J9ATkfxFTa9lMp_w96xMFS8xOPK5smnFY-VcraTO4ajic-9dzIlMpfE4870eoTcPXy97Ul1roHUUUp55tHFRLltTdUc_wIlKvBMkkC3H2oAGd4YPXuxf6_UObG6FZ&sai=AMfl-YQJrGeG2v2zfRXVfUhDU1DoKxg15eiW8TlQ4oAyHIZoxsLD2jVGodlGeM5J3S25pCWWUnOeyYGoB5szpN3h347C_fpCj19OcrFz7jwbf-khrSxsD9pXAS35Ed1B5E71&sig=Cg0ArKJSzPUF4MiZqkjoEAE&adurl=
Frame ID: 415229F5FF9EA425C125F21BB795634E
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshkBxPSSAz7ak1einIImMQnA26f2f2S4i1TGCE9ibiOtSDWuxHYOSlyalcZXfXR-EZeL7WtRBX13EZL4qjS9lVreHXsxwve0vP17V1j7gHWGKmFUW98cZCayOoEqVm_1Cimi30uAfZZjjz1uCXoMxGnLB08m2jhKnhdByukA5cg8m8AYalUCeYrhkzsGJfgjoeYlNRzsWFwK5biJrFcXFbn3VMKlE_37f4uGX_ZLNZLmO8qcTz_vFrv5Jmx-Fsg3HLV5FQxcxdduwLzwvgUHfnGDa26sL-EJX1TI8If2loWXojFDa0&sai=AMfl-YTrOTFHAlO_23OwTnJiXMidJPQtylG4-p-SvtI0OAds7ctemFfRaDiTFo_Wdgr8zh37lXga5ScgBH0CCD-QsqxsNYpe3LRT9WxdmUXoE2h6Puj9DJiY7KPwmj8SMI_o&sig=Cg0ArKJSzBhwEgK7IvfkEAE&adurl=
Frame ID: 8CDC69A3E242F0C705381F098CC0FD01
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuI_f1EbjrNZbnMp7V8kC8CqeBULRwqwMGOxRpAY3yrQk9I6VZTisc7Uh2eazOlGAoY0LaTmBxtSVfpY0m28L3vP1btYQas5KP1ou2UYvohkR7N66dWiUPFzjD8cE5rYJN2_ykP3lUse4j-4U9fR6baCDGPsIqFZxdJSnfahg9GgZaeICJha9ean0QFcd27T0XBuNPDZug27WKzzClnE0S576asrKc4Ogzz3U0c40kHPtKBqlTnsN_NSHG1NywHSCdb9t-UYfTyqc8YoeqSC93oucfO44o53IUazDZJMwRkEuMo&sai=AMfl-YTeaYttltRrFMpw_KxKLA5zLpngk28NvtFILkMMReNrxU941572hdEl84RqG5eqU8dQ4Sw_dMkwLr-YqlxFUktaShMs8f1p8D_HTfg13tDEGMGBjYbC0ay1F9fxjlEy&sig=Cg0ArKJSzJu90427KwdcEAE&adurl=
Frame ID: DE6C6CEACBAAD96593D7B40197B7F918
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCFDedwatMLy2RFCCPXGaRnyU5kYyC81aqy97HAwSrc9bIsIRt6ivuKUwkcqan8WCwL0WzIjWwZ6RUeBLgvQ0iJi4r4YPBI4ZucED_kkOlYA_UbkrEBS6mTZw8OGja0gH3q7taFCWhgWy2z15WQHts33qhDl-T2atba6T2nvLcORzL6w3SjKhoyt08vv685151eLPgKgUPzg31QCdI3cDog7KMoqs_MPbHRrM28vFLTgxMfXn5reJWpV47WX5ixNAZZFoPlnMwdCbRGmL5L3nEGiORKPiztjMr9BISWpdh_kkqzBZX&sai=AMfl-YQzBEym2iptU4xLcoRAY2IE_gvFn_0rlXpZdBjQT0YDTFahmmRy_miFlqCgTdmjhIIwtdPs4g3pwLEyiWcJWdYRmWk7LIt3K3xm7rc_vDFwjT0kD7kiborFfqf8TDH1&sig=Cg0ArKJSzDgRAGlyEWU8EAE&adurl=
Frame ID: E36E9FB6D583006D4FACC330734E51F1
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3c2e7c8ff97f8%2526domain%253D931elrey.com%2526origin%253Dhttps%25253A%25252F%25252F931elrey.com%25252Ff3a0112716a3ff8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F931elrey%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D500
Frame ID: 1CB95F9B3D80784393660C7C63526E93
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1E8446D8179D53D313B440F2704F3178
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F3C92FC94A298D88E8207EC2753B3F7
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync
Frame ID: 7FB27750BE185D20B5C26340486ACFAF
Requests: 1 HTTP requests in this frame

Frame: https://tracking.justpremium.com/tracking.gif?rid=r-15f1ef6c-551b-48f0-a81e-8f56a0a3b6f3-25489-837898334&sid=r-bd778f39-1871-400a-9242-3180ba16db8f-44676-3560696&uid=&vr=v2.29.408&ru=https%3A%2F%2F931elrey.com%2F&tt=1628393663599&siw=960&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=eu-central-1&sd=&_c=afhvbzd1628393663599&et=&aid=419356,419356,419356,419356,419358,419358,419358,419358,419359,419359,419359&said=1087290,1087291,1087292,1194891,1087298,1087300,1087299,1194895,1087302,1087303,1087304&ei=22368244%2C20254127%2C430430%2C1194891%2C22368246%2C430427%2C20254129%2C1194895%2C22368247%2C20254130%2C430429&fc=sa,sa,sa,sa,pu,pu,pu,pu,ca,ca,ca&sp=1,32,39,42,1,39,32,42,1,32,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=112331&dr=47&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22cls%22%3A%220.000%22%2C%22ph%22%3A3448%7D&ty=ex
Frame ID: E2AAC29B0F0BED30C9EFDBB9762EFA28
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://931elrey.com/ HTTP 301
https://931elrey.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

164
Requests

93 %
HTTPS

44 %
IPv6

42
Domains

57
Subdomains

51
IPs

7
Countries

2660 kB
Transfer

5420 kB
Size

8
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/931elrey
Title: Find us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/elrey931
Title: Find us on Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/931elrey
Title: Find us on Instagram

Search URL Search Domain Scan URL

URL: https://app.radio.com/download-kryp-fm
Title: Find us on Audacy

Search URL Search Domain Scan URL

URL: https://saport.halfoffdeal.com/
Title: Descuentos

Search URL Search Domain Scan URL

URL: https://recruiting2.ultipro.com/SAL1004SALEM/JobBoard/c1248e3d-19bb-4fbb-bdf9-f9f5dcebe2ea/OpportunityDetail?opportunityId=a1760e26-7e11-4b17-b2ea-a91e993e3fab
Title: Promotions Assistant / Street Team - 93.1 El Rey

Search URL Search Domain Scan URL

URL: https://recruiting2.ultipro.com/SAL1004SALEM/JobBoard/c1248e3d-19bb-4fbb-bdf9-f9f5dcebe2ea/OpportunityDetail?opportunityId=ca63a4d5-b6db-4e52-a50b-143af132f785
Title: Account Executive - Digital Media

Search URL Search Domain Scan URL

URL: https://salemmedia.com/ccpa-sale-opt-out
Title: California - No Vender Mi Información Personal

Search URL Search Domain Scan URL

URL: https://salemmedia.com/salem-radio-stations-ccpa-privacy-notice-for-california-residents/
Title: California - Aviso de CCPA

Search URL Search Domain Scan URL

URL: https://salemmedia.com/privacy-policy-for-salem-media-group-radio-stations/
Title: Política de Privacidad

Search URL Search Domain Scan URL

URL: https://cdn.saleminteractivemedia.com/shared/docs/terms-of-use.pdf
Title: Términos de Uso

Search URL Search Domain Scan URL

URL: https://cdn.saleminteractivemedia.com/323/media/eeo.pdf?t=2021-08-08T03:34:20
Title: Reporte EEO

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/kryp
Title: Archivos Públicos En Línea FCC

Search URL Search Domain Scan URL

URL: https://kryp.christianjobs.com/
Title: Trabajo Cristiano

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://931elrey.com/ HTTP 301
https://931elrey.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://node.targetspot.com/userdata/?callback=tsCookieCallback HTTP 302
https://nodeeu.targetspot.com/userdata/?callback=tsCookieCallback

Request Chain 119

https://ib.adnxs.com/getuid?//nodeeu.targetspot.com/provider/AN/user/$UID/tspotId/157fd79a-13ea-4a78-bd0e-e73fcc692165 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fnodeeu.targetspot.com%2Fprovider%2FAN%2Fuser%2F%24UID%2FtspotId%2F157fd79a-13ea-4a78-bd0e-e73fcc692165 HTTP 302
https://nodeeu.targetspot.com/provider/AN/user/3008369172931243947/tspotId/157fd79a-13ea-4a78-bd0e-e73fcc692165

Request Chain 124

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c2e7c8ff97f8%26domain%3D931elrey.com%26origin%3Dhttps%253A%252F%252F931elrey.com%252Ff3a0112716a3ff8%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F931elrey%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=500 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3c2e7c8ff97f8%2526domain%253D931elrey.com%2526origin%253Dhttps%25253A%25252F%25252F931elrey.com%25252Ff3a0112716a3ff8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F931elrey%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D500

Request Chain 127

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=530D252723254D01AC06DBB96318FBDC

Request Chain 128

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=530D252723254D01AC06DBB96318FBDC HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=530D252723254D01AC06DBB96318FBDC

Request Chain 129

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=530D252723254D01AC06DBB96318FBDC HTTP 302
https://d.agkn.com/pixel/10751/?che=1628393661&ip=89.249.64.171&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165020303872000019651 HTTP 302
https://um.simpli.fi/aa_px?sk=165020303872000019651

Request Chain 131

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=530D252723254D01AC06DBB96318FBDC

Request Chain 134

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=530D252723254D01AC06DBB96318FBDC;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=530D252723254D01AC06DBB96318FBDC;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-2004029078191650754

Request Chain 135

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=530D252723254D01AC06DBB96318FBDC&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=530D252723254D01AC06DBB96318FBDC&j=0&xl8blockcheck=1

Request Chain 137

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=530D252723254D01AC06DBB96318FBDC

Request Chain 138

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=530D252723254D01AC06DBB96318FBDC

Request Chain 139

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=530D252723254D01AC06DBB96318FBDC HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=530D252723254D01AC06DBB96318FBDC

Request Chain 140

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=530D252723254D01AC06DBB96318FBDC HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=530D252723254D01AC06DBB96318FBDC&dnr=1

Request Chain 141

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=530D252723254D01AC06DBB96318FBDC

Request Chain 142

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1628393661795&cv=7&fst=1628393661795&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1726724483&cv=7&fst=1628393661795&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vVAPYZzMM9GK7gOYwIvADg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1726724483&cv=7&fst=1628393661795&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vVAPYZzMM9GK7gOYwIvADg&cid=CAQSKQCNIrLMRG3RezEBukLM91qAJnjnrXmLuntZy0nkBDM1H2kTn86p1CWc&random=2990473107 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1726724483&cv=7&fst=1628393661795&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vVAPYZzMM9GK7gOYwIvADg&cid=CAQSKQCNIrLMRG3RezEBukLM91qAJnjnrXmLuntZy0nkBDM1H2kTn86p1CWc&random=2990473107&ipr=y

Request Chain 143

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=530D252723254D01AC06DBB96318FBDC HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=530D252723254D01AC06DBB96318FBDC&__user_check__=1&sync_id=854af06c-f7f9-11eb-b40a-194044dd0506

Request Chain 144

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=530D252723254D01AC06DBB96318FBDC

Request Chain 145

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=530D252723254D01AC06DBB96318FBDC&expires=365

Request Chain 146

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=530D252723254D01AC06DBB96318FBDC HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=530D252723254D01AC06DBB96318FBDC

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEO78JnHYIjJT0yO4s3tnG1U&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=530D252723254D01AC06DBB96318FBDC HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 157

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@2.1.0 HTTP 302
https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

164 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
931elrey.com/
Redirect Chain

http://931elrey.com/
https://931elrey.com/

52 KB
11 KB

463ms
447ms

Document
text/html

2606:4700:20::681a:3b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc22c35c6c8437f0abd22b774896550ce729d505e7959831f67325d98bbe9976

Security Headers

Name	Value
Content-Security-Policy	default-src https: .sim-cms.net http://sdk.listenlive.co http://.streamtheworld.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com; media-src 'self' blob: data: https: http://.streamtheworld.com; worker-src blob: .sim-cms.net 'self'; font-src data: https://* 'self'
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: 931elrey.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:19 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
request-context: appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6
access-control-expose-headers: Request-Context
arr-disable-session-affinity: true
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
permissions-policy: autoplay=(self)
content-security-policy: default-src https: *.sim-cms.net http://sdk.listenlive.co http://*.streamtheworld.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com; media-src 'self' blob: data: https: http://*.streamtheworld.com; worker-src blob: *.sim-cms.net 'self'; font-src data: https://* 'self'
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keYhgZgm5CyCs5Qr5RndD3bAkQHxJK2sFtPqPgbe468lXXXetfuttHiLPsoVclJNYAcr5wv%2B5U64AghFpiio0JYz0JhG%2Fgjpsx4W9dvKESJd2wxq47Xr2UP%2FWUs57ik6k%2FzHRYIowRmyDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67b5b033fd69dffb-FRA
content-encoding: br

Redirect headers

Date: Sun, 08 Aug 2021 03:34:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 08 Aug 2021 04:34:19 GMT
Location: https://931elrey.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=304Gml7OwU3PmdT63nWPx%2BuSwRsuq5e2pyx0i4VbqwaXgkwWFJfRyzLU3j085ZNY75QoaEs2YBAUybVSTg2U9lB0k%2FRqUT%2FKu8OZ6IxRdcJYUTXB5UiQ5kJf2rh7yBeevN1ZgzfwlJvLHA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 67b5b033cb7d4e61-FRA

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1009 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,700,700i&display=swap

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1387c8b1c9454d2bebe1ca54225ec54a396d05ffd38a716ceb64e6a58409d7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 03:34:19 GMT
server: ESF
date: Sun, 08 Aug 2021 03:34:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Aug 2021 03:34:19 GMT

GET
H2 200 smart-app-banner.css
cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/ 6 KB
2 KB 21ms
6ms Stylesheet
text/css 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.css

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6568273e9d257a19332421d7a519b3ae0f8a564e76aca9f603e848521f341db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1173904
x-jsd-version: 2.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1312
etag: W/"18e0-Q3YhhM4JpT5zqjU4KPdCD53yYoM"
x-served-by: cache-fra19181-FRA
x-jsd-version-type: version
date: Sun, 08 Aug 2021 03:34:19 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK head.c534311dbb6000c7ee0e.js Show response
simorigin.blob.core.windows.net/dist/static/js/ 2 KB
2 KB 477ms
96ms Script
application/x-javascript 52.239.154.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://simorigin.blob.core.windows.net/dist/static/js/head.c534311dbb6000c7ee0e.js
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.154.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e91e97f32c3d1deb87a6673c372437d179c6c8256ebcbc4db8722e6abdef52d8

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 08 Aug 2021 03:34:20 GMT
Last-Modified: Thu, 05 Aug 2021 18:51:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: SXb67709Jdg415caMLKF5w==
ETag: 0x8D958420ED29007
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 2f8b56d2-301e-0032-0206-8c5053000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 1696

GET
H2 200 kryp-fm.css
cdn.saleminteractivemedia.com/dist/6d7e009c/site-css/2018ccm/ 183 KB
31 KB 460ms
396ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/6d7e009c/site-css/2018ccm/kryp-fm.css?hash=8ba92b8d831fea54b9cc
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 532cef99cbd13f128761271ae602b8ffd903c081080181a6b7e642880871c94f

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:20 GMT
content-encoding: gzip
content-md5: ER23Sn5YFEUPJPjZZcijBg==
x-ms-lease-status: unlocked
last-modified: Thu, 05 Aug 2021 18:51:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D958420DC1045C
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393660.cds232.lo4.p
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: abf11e86-b01e-004e-7906-8ccd66000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 37ms
21ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://931elrey.com
Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 255594
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b3f07ad7842f60c26ef6c4a5ad93e0c7
cf-ray: 67b5b036e9cd1f51-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 a2fee930-b8b0-0136-d8da-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 92ms
47ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/a2fee930-b8b0-0136-d8da-06a9ed4ca31b

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

bee03ff2d8109861f8ef2a448b8c841538e03d83cd52a1cf9129d2f4d2f676e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sun, 08 Aug 2021 03:34:20 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3101
x-request-id: Fpk3aCOCG3GcIF0ftp6h
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 widget.js Show response
campaign.aptivada.com/ 74 KB
14 KB 174ms
48ms Script
application/javascript 13.32.123.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://campaign.aptivada.com/widget.js
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.123.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-123-5.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7bd13a245729dab7cc7ace97ba3c607cb93da725ed88220e7aaf4872a3361f8

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-version-id: o9GG6I.jKXJ6abttQnXcOgEEJ_3EW2zS
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:22:47 GMT
server: AmazonS3
age: 122
etag: W/"32c1e9f5d0a579d5fb62a0de1d07f579"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 20e9cd7a84a4b4e0dce285f587c43f9b.cloudfront.net (CloudFront)
cache-control: max-age=600
date: Sun, 08 Aug 2021 03:32:19 GMT
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: JXeq6MFVNNlV4K9ugCBCBKGYByLAEuaJt8vqNQQ30Hf0rQQ5b7ms8g==

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 371 KB
109 KB 74ms
34ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ad39c6a1b09e253bd1b3a9e89ec01e9e5016648d3b47a7f5f0b93ae52e69d811

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 03:34:20 GMT
Content-Encoding: gzip
x-amz-request-id: 4SJ2FFB77E55AFF8
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: Y/sHgB45zCIatTip7niQqSSMI0HCi3/GuRVo4cHL4TqYyBQT9xcS7Fc1n7EY5aV25zV/m51iGwQ=
Last-Modified: Wed, 04 Aug 2021 14:17:16 GMT
Server: AmazonS3
ETag: "2961bf28a7d4c32f1b84975c0cd9b1e7"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 38ms
15ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

e444fa83699450c75b020380ba5266e17bc2a8a687dcada9236f95293598cacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "952 / 591 of 1000 / last-modified: 1628287791"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24936
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:20 GMT

GET
H2 200 smart-app-banner.js Show response
cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/ 25 KB
9 KB 21ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.js

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2008699
x-jsd-version: 2.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8896
etag: W/"63df-zaXYbgdCCfJOt2MRbGfFxbMV9Dw"
x-served-by: cache-fra19181-FRA
x-jsd-version-type: version
date: Sun, 08 Aug 2021 03:34:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 invitation.ashx Show response
salemlivechat.com/scripts/ 126 KB
43 KB 557ms
527ms Script
text/javascript 2606:4700:20::ac43:49d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://salemlivechat.com/scripts/invitation.ashx?company=krypfm
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: e8131429fa1cca4e679a6792f1b8168da3493fe8daa272baba01f54dacbfb2df

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: UrlRewriter.NET 2.0.0, ASP.NET
p3p: policyref="/w3c/p3p.xml",CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-length: 42929
x-ua-compatible: IE=edge
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAnJVjNPF5%2FkH6fcnVq%2FC5dzeNiHCvWwWEUukNw97FQ6X8SzNIQ6akublteEp9QRQXkHDdm8yIE67o4dbpqNOZ%2F9N2p1CFo7hWMAnhtV9nyLvtkXbOn3dIZGTvKboOwXILgRvTx1W48wM71qP43n"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,no-transform
cf-ray: 67b5b03bc8474d84-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization

GET
H2 200 legacy-main.js Show response
cdn.saleminteractivemedia.com/shared/scripts/ 1 KB
671 B 21ms
20ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/scripts/legacy-main.js
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6d34b7c87a0fb79708d3f672f48dd9e2dd8c5d7244927c30e14fed0d117b7fa5

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:20 GMT
content-encoding: gzip
content-md5: hy56U2P8lFazHn6WtankiA==
content-length: 460
x-ms-lease-status: unlocked
last-modified: Mon, 22 Feb 2021 18:42:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8D761977E5A14
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393660.cds109.lo4.c
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 10888105-e01e-005d-2f02-63f887000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=27026585
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK vendor.b277c96ebd0153da4e7f.js Show response
simorigin.blob.core.windows.net/dist/static/js/ 107 KB
108 KB 481ms
99ms Script
application/x-javascript 52.239.154.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://simorigin.blob.core.windows.net/dist/static/js/vendor.b277c96ebd0153da4e7f.js
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.154.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b5a1c8b0ac1fd44b0b494bd51cbf0d303410e4ae2d7827b1059d9013e673dc7b

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 08 Aug 2021 03:34:20 GMT
Last-Modified: Thu, 05 Aug 2021 18:51:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Pv/GkQdecaOXfB0NhOUMYA==
ETag: 0x8D958420ED35387
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 782877ab-d01e-005e-4506-8cfb80000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 110031

GET
H/1.1 200
OK vendors~2018a-2018ccm-2019nt.2f73c59c5cb9263a48dd.js Show response
simorigin.blob.core.windows.net/dist/static/js/ 26 KB
26 KB 487ms
105ms Script
application/x-javascript 52.239.154.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://simorigin.blob.core.windows.net/dist/static/js/vendors~2018a-2018ccm-2019nt.2f73c59c5cb9263a48dd.js
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.154.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8e6a2d1bd8e2d064c2a4fda6cf9b91368d53448a8db00ec8f336419ce40dc1fb

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 08 Aug 2021 03:34:19 GMT
Last-Modified: Thu, 05 Aug 2021 18:51:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: TxBer17y+Bz6CToTP8JjSQ==
ETag: 0x8D958420ED1F39C
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: edbe2654-601e-0008-6706-8c13f0000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 26252

GET
H/1.1 200
OK 2018a-2018ccm-2019nt~2021nt~promotions2020~radiohost2020~surround~tuition2020.3d148ec958d956af7961.js Show response
simorigin.blob.core.windows.net/dist/static/js/ 43 KB
43 KB 482ms
99ms Script
application/x-javascript 52.239.154.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://simorigin.blob.core.windows.net/dist/static/js/2018a-2018ccm-2019nt~2021nt~promotions2020~radiohost2020~surround~tuition2020.3d148ec958d956af7961.js
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.154.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a70de6f7df22a25af4454d6d4add49c946e6200ce6bf9749821c4bbe1158c115

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 08 Aug 2021 03:34:19 GMT
Last-Modified: Thu, 05 Aug 2021 18:51:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Du0WTTHZNOciqhkd+oeC7A==
ETag: 0x8D958420EAB012D
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: c497d7b3-901e-0034-5206-8ca72b000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 43722

GET
H/1.1 200
OK 2018a-2018ccm-2019nt.8b99928634fa491894df.js Show response
simorigin.blob.core.windows.net/dist/static/js/ 134 KB
135 KB 488ms
104ms Script
application/x-javascript 52.239.154.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://simorigin.blob.core.windows.net/dist/static/js/2018a-2018ccm-2019nt.8b99928634fa491894df.js
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.154.36 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7b941c805f98d27de3c33154d84033ba9865e3f241cd0b150ef42edd1843d571

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 08 Aug 2021 03:34:19 GMT
Last-Modified: Thu, 05 Aug 2021 18:51:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 1YnEPHJMOFUU2ehUO12a6A==
ETag: 0x8D958420EBF9FA8
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 342a5349-101e-0061-3106-8c4c5c000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 137357

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W468VL5

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b4c6bb82a815f3fee23c04705c90cd4486a789d316903960a1b0275f7e6eea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33800
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Aug 2021 03:34:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
34 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK2R6Z2

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

598b1b0dd685aa16a2ceec97499b1973b030a7c498d367ff98a7c732fd7c3d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34657
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Aug 2021 03:34:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 7066
date: Sun, 08 Aug 2021 01:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sun, 08 Aug 2021 03:36:34 GMT

GET
H2 200 _ts2.js Show response
content.cdn.targetspot.com/content/act/beacon/ 1 KB
807 B 43ms
6ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://content.cdn.targetspot.com/content/act/beacon/_ts2.js

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

a68bb88cb8ab82781248447ef4bcebf56473589faf539348d35298b9e3d2727a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:20 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2017 15:33:52 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"591dbee0-413"
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://content-origin.cdn.targetspot.com/content/act/beacon/_ts2.js>; rel="canonical"
x-xss-protection: 1; mode=block
expires: Sun, 15 Aug 2021 03:34:20 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://931elrey.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 11:34:38 GMT
x-content-type-options: nosniff
age: 403182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16256
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 11:34:38 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v22/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v22/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://931elrey.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:03:30 GMT
x-content-type-options: nosniff
age: 127850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:53:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:03:30 GMT

GET
H/1.1 200
OK nowplaying Show response
np.tritondigital.com/public/ 452 B
682 B 468ms
139ms Fetch
text/xml 208.92.55.26
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://np.tritondigital.com/public/nowplaying?mountName=KRYPFMAAC&numberToFetch=1&eventType=track&cachebuster=20217853420
Requested by: Host: simorigin.blob.core.windows.net
URL: https://simorigin.blob.core.windows.net/dist/static/js/2018a-2018ccm-2019nt.8b99928634fa491894df.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.92.55.26 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS: ash-db-sl01.streamtheworld.net
Software: nginx /
Resource Hash: 81d1dd900aaa2149d2349c9fc69939e68ed69fe4ce808563565d492a779d9547

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 08 Aug 2021 03:34:21 GMT
Server: nginx
Connection: keep-alive
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Content-Type: text/xml;charset=utf-8

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v22/ 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v22/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://931elrey.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:03:58 GMT
x-content-type-options: nosniff
age: 127822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:53:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:03:58 GMT

GET
H2 200 icomoon.woff
cdn.saleminteractivemedia.com/content/icomoon/fonts/ 12 KB
12 KB 27ms
10ms Font
application/octet-stream 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/content/icomoon/fonts/icomoon.woff
Requested by: Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/dist/6d7e009c/site-css/2018ccm/kryp-fm.css?hash=8ba92b8d831fea54b9cc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3c667fd8592fe5a897153b16c9043fc60cf5f25691b717f4337381cf32cb8858

Request headers

Origin: https://931elrey.com
Referer: https://cdn.saleminteractivemedia.com/dist/6d7e009c/site-css/2018ccm/kryp-fm.css?hash=8ba92b8d831fea54b9cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:20 GMT
content-md5: Ai34vIUhcFgorotyFzVyIw==
content-length: 11912
x-ms-lease-status: unlocked
last-modified: Wed, 04 Aug 2021 23:31:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D957A001F6112F
x-hw: 1628393660.dop231.fr8.t,1628393660.cds241.fr8.hn,1628393660.cds148.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 92dc4cc1-c01e-0005-128c-89fcfc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31263852
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: simorigin.blob.core.windows.net
URL: https://simorigin.blob.core.windows.net/dist/static/js/2018a-2018ccm-2019nt.8b99928634fa491894df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

278e707675bea29729953cf6872cc72f51e2cb9a1aa257c5661e6a5a26d47e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: iINwrYNKw8ntWD0b885WCA==
cross-origin-resource-policy: cross-origin
expires: Sun, 08 Aug 2021 03:53:38 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 3HBSam10z/DQxyUGky+uAXEiciEK291dfJa+b1sr7ZiCT/vrtwCLyOvKbGqiDx0VM9UUyAR2MoKAOnxlNVp4fw==
x-fb-trip-id: 686109401
x-fb-content-md5: ec6e669d5836951abf80e994a4ca99a0
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Sun, 08 Aug 2021 03:34:20 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "4858ec40e77d257f363b67c6989250cc"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

POST
H2 200 getprogramguideinfo Show response
931elrey.com/ 28 B
364 B 416ms
415ms XHR
application/json 2606:4700:20::681a:3b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://931elrey.com/getprogramguideinfo

Requested by

Host: simorigin.blob.core.windows.net
URL: https://simorigin.blob.core.windows.net/dist/static/js/vendor.b277c96ebd0153da4e7f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47ebd3b5cf4fecacc0dc547767abd6dd6e50079f32e5bb2cfd1a978aac3d44b2

Security Headers

Name	Value
Content-Security-Policy	default-src https: .sim-cms.net http://sdk.listenlive.co http://.streamtheworld.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com; media-src 'self' blob: data: https: http://.streamtheworld.com; worker-src blob: .sim-cms.net 'self'; font-src data: https://* 'self'
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://931elrey.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 25
:path: /getprogramguideinfo
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: 931elrey.com
referer: https://931elrey.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
arr-disable-session-affinity: true
request-context: appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6
referrer-policy: no-referrer-when-downgrade
x-aspnetmvc-version: 5.2
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NArHz0cLZZ20OWcM9Go9ZhsHCLZh3MVNxjtHPE9ppB6Tagj99dW1uVF%2FEubYka8tabcUXQJufnnJCBoryXr9%2F4Nn9nmGGXB2h8fiOLMjxa0gdwWplubmSnNQjfWYy9IV596nJ5O92pX%2FEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
permissions-policy: autoplay=(self)
content-security-policy: default-src https: *.sim-cms.net http://sdk.listenlive.co http://*.streamtheworld.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com; media-src 'self' blob: data: https: http://*.streamtheworld.com; worker-src blob: *.sim-cms.net 'self'; font-src data: https://* 'self'
cf-ray: 67b5b03c6dfbdffb-FRA

GET
H2 200 template3_logo.png
cdn.saleminteractivemedia.com/shared/images/logos/323/ 7 KB
7 KB 351ms
349ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/shared/images/logos/323/template3_logo.png
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf28ab665f8ba85712268ec185095c92de340a2be2697db60898b34814860acc

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:21 GMT
content-md5: HOgg0mUkXLL4HjfWaA5zeA==
x-ms-meta-uploadedby: Hanlon,John
content-length: 6689
x-ms-lease-status: unlocked
last-modified: Fri, 01 Jan 2021 00:16:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D8ADEA89CF4D0E
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393661.cds090.lo4.p
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 43df2538-901e-0052-6d06-8c1571000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 play-button.png
cdn.saleminteractivemedia.com/shared/images/ 2 KB
2 KB 25ms
24ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/shared/images/play-button.png
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 27b65ea8c6cceebb6e32225e0dacd973a6358953d5c3b55841a685eb0a12d055

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:20 GMT
content-md5: iK52X5B86FHk7qX9XxbesA==
content-length: 1851
x-ms-lease-status: unlocked
last-modified: Fri, 26 Oct 2018 17:40:26 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D63B6A1D42BC9E
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393660.cds069.lo4.c
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 6e11ec4a-501e-000b-8011-f410f7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14828391
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 don-cheto-012020-1000x500.jpg
cdn.saleminteractivemedia.com/323/content/150425/ 113 KB
113 KB 504ms
502ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/323/content/150425/don-cheto-012020-1000x500.jpg
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1e8e7874dea32de8193fa5d1279e90733ea0b98ef78f484989c520522cf6f06e

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:21 GMT
content-md5: 9ZHeBHFJ+x2z0Xoaso7BHw==
x-ms-meta-uploadedby: Schiffer,Beckii
content-length: 115954
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 20:54:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B4BCFDD936E
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393661.cds011.lo4.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: e0f928d8-d01e-001a-1906-8c27ec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 back-to-school-family-wardrobe-shopping-spree-krypfm-880x440.jpg
cdn.saleminteractivemedia.com/323/content/246895/ 40 KB
40 KB 499ms
498ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/323/content/246895/back-to-school-family-wardrobe-shopping-spree-krypfm-880x440.jpg
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6420376eb65b3ff584d1242daf86334c85a37ce98e529e6340a842612faf8a56

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:21 GMT
content-md5: EtjobIrOKFghc3ASpSs0PQ==
x-ms-meta-uploadedby: Chaffee,Dan
content-length: 40927
x-ms-lease-status: unlocked
last-modified: Thu, 22 Jul 2021 16:50:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D94D30C0C26414
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393661.cds089.lo4.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 7b188639-201e-0040-7b06-8c216d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 1200x600-carousel.png
cdn.saleminteractivemedia.com/323/content/247093/ 118 KB
118 KB 588ms
586ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/323/content/247093/1200x600-carousel.png
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 53a17bcd072e99e64350790151e71b15af0be7ad7ec16d18d7bf8d84f461011d

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:21 GMT
content-md5: pN3MBQddfAELbQQ+3PF10A==
x-ms-meta-uploadedby: Schiffer,Beckii
content-length: 120411
x-ms-lease-status: unlocked
last-modified: Tue, 27 Jul 2021 18:26:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9512C0682E9FE
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393661.cds217.lo4.p
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ba6d8f49-c01e-0027-3c06-8c92ca000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800, must-revalidate
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ana-maria-canseco-1200x600.jpg
cdn.saleminteractivemedia.com/323/content/223497/ 79 KB
80 KB 344ms
343ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/323/content/223497/ana-maria-canseco-1200x600.jpg
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2eb513fa663a154c7860659d511b87bbc5a962b00b0c910e7826b73a2f93863f

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:21 GMT
content-md5: crJCLrbWtVDoRV+yx+dlIQ==
x-ms-meta-uploadedby: Schiffer,Beckii
content-length: 81258
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 21:01:34 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B4CDC85245B
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393661.cds260.lo4.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 43df2526-901e-0052-6206-8c1571000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 road-to-recovery-2020-1200x600.jpg
cdn.saleminteractivemedia.com/188/content/230378/ 128 KB
128 KB 340ms
339ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/188/content/230378/road-to-recovery-2020-1200x600.jpg
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f85aea20f7e0b7880e8b689cbe76f581ca92b81eee820ddedcd2f63891762f89

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:21 GMT
content-md5: ROwB+zlfFGU7fJXfGcOoVw==
x-ms-meta-uploadedby: Schiffer,Beckii
content-length: 130837
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 04:16:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85AC0780D3373
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393661.cds280.lo4.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: ac2a2cd7-101e-0025-5506-8c9030000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 don-cheto-800x600b.jpg
cdn.saleminteractivemedia.com/323/host/ 29 KB
29 KB 502ms
501ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/323/host/don-cheto-800x600b.jpg
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b28e278925b8d63b4572f6b5af39d59b182704f56d89e3409ed0cae78cbe4dac

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:21 GMT
content-md5: pYgeqkUg5jwJIrWZBTb0nw==
x-ms-meta-uploadedby: Schiffer,Beckii
content-length: 29917
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 21:02:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B4CF26A227E
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393661.cds079.lo4.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 7b18863a-201e-0040-7c06-8c216d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 la-diva-400x300.jpg
cdn.saleminteractivemedia.com/323/host/ 19 KB
20 KB 503ms
502ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/323/host/la-diva-400x300.jpg
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ca5aa3ff7aa55254c3f56ccae0499832b4ec1ef96e9fcc400f7f453a40a30b46

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:21 GMT
content-md5: MdqOLEYtlq/yqdndgO6D4Q==
x-ms-meta-uploadedby: Schiffer,Beckii
content-length: 19886
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 21:02:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B4CF489191D
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393661.cds209.lo4.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 8e5ed95f-d01e-0055-0b06-8ce3f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 carlos-el-aventurero-200x200.jpg
cdn.saleminteractivemedia.com/323/host/ 9 KB
9 KB 517ms
516ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/323/host/carlos-el-aventurero-200x200.jpg
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d133cc9352b2595cfa5c57bd7b7ce6acff168e5d0c3c3eef317991785424b20d

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 08 Aug 2021 03:34:21 GMT
content-md5: fMSilENQ7d+itv4tCTv7Ow==
content-length: 9406
x-ms-lease-status: unlocked
last-modified: Thu, 17 Sep 2020 21:02:07 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D85B4CF031832E
x-hw: 1628393660.dop204.lo4.t,1628393660.cds235.lo4.hn,1628393661.cds231.lo4.p
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 5395c54e-701e-0053-3906-8c148c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-52097637-4&cid=654959740.1628393661&jid=1492276724&gjid=1219032610&_gid=692982056.1628393661&_u=IGBAgEABAAAAAE~&z=2086004695

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 08 Aug 2021 03:34:20 GMT
content-type: text/plain
access-control-allow-origin: https://931elrey.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 26ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=20567583&t=pageview&_s=1&dl=https%3A%2F%2F931elrey.com%2F&ul=en-us&de=UTF-8&dt=%7C%20Estaci%C3%B3n%20de%20radio%20en%20espa%C3%B1ol%20en%20Portland%20Oregon%20%7C%20La%20Autoridad%20en%20m%C3%BAsica%20Mexicana%20%7C%2093.1%20FM%20El%20Rey%20-%20Portland%2C%20OR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAAEABAAAAAG~&jid=1575054482&gjid=1180285158&cid=654959740.1628393661&tid=UA-6553589-38&_gid=692982056.1628393661&_r=1&_slc=1&z=2123482724

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://931elrey.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 22ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=20567583&t=pageview&_s=1&dl=https%3A%2F%2F931elrey.com%2F&ul=en-us&de=UTF-8&dt=%7C%20Estaci%C3%B3n%20de%20radio%20en%20espa%C3%B1ol%20en%20Portland%20Oregon%20%7C%20La%20Autoridad%20en%20m%C3%BAsica%20Mexicana%20%7C%2093.1%20FM%20El%20Rey%20-%20Portland%2C%20OR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAAEABAAAAAG~&jid=524091628&gjid=628624549&cid=654959740.1628393661&tid=UA-34961268-2&_gid=692982056.1628393661&_r=1&_slc=1&z=1727060264

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://931elrey.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=20567583&t=pageview&_s=1&dl=https%3A%2F%2F931elrey.com%2F&ul=en-us&de=UTF-8&dt=%7C%20Estaci%C3%B3n%20de%20radio%20en%20espa%C3%B1ol%20en%20Portland%20Oregon%20%7C%20La%20Autoridad%20en%20m%C3%BAsica%20Mexicana%20%7C%2093.1%20FM%20El%20Rey%20-%20Portland%2C%20OR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1492276724&gjid=1219032610&cid=654959740.1628393661&tid=UA-52097637-4&_gid=692982056.1628393661&z=596726167

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 14:51:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45779
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/ Show response
nodeeu.targetspot.com/userdata/
Redirect Chain

https://node.targetspot.com/userdata/?callback=tsCookieCallback
https://nodeeu.targetspot.com/userdata/?callback=tsCookieCallback

362 B
1 KB

249ms
35ms

Script
text/html

31.12.68.105
TARGETSPOT

General

Check archive.org

Show headers Download Go to

Full URL: https://nodeeu.targetspot.com/userdata/?callback=tsCookieCallback
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.12.68.105 , Belgium, ASN211945 (TARGETSPOT, BE),
Reverse DNS
Software: / Express
Resource Hash: 04829856ffedd79d2eb3ae2ce6190c6af84e4f09a89612418e9a4c60cccfb24b

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 08 Aug 2021 03:20:46 GMT
X-Powered-By: Express
Content-Length: 362
Content-Type: text/html; charset=utf-8

Redirect headers

access-control-allow-origin: *
date: Sun, 08 Aug 2021 03:13:54 GMT
vary: Accept
x-powered-by: Express
content-length: 81
location: //nodeeu.targetspot.com/userdata/?callback=tsCookieCallback
content-type: text/plain

GET
H3-29 200 pubads_impl_2021080401.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
114 KB 24ms
23ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

d3722344dc2b0b07af6a39d0594966bede1a0dbdf0e524795cc6aaab2a6e2845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Aug 2021 08:37:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117056
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:20 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 31 B
71 B 24ms
23ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=931elrey.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

bdeb7ae02419fe749290dd6e6b3bfa9776f0382087e2261ef03a6849a49b0906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:20 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 229 KB
67 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b1f57da4291479a24d51cb7dcae75381

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b274ecb390dca4ade5d9cb21fb8c31e4b0190df32b54a583c7fdc30a110436b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://931elrey.com
Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5XJnc/kc1caB1J5E2Yuj8A==
cross-origin-resource-policy: cross-origin
expires: Mon, 08 Aug 2022 03:08:07 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68104
x-fb-rlafr: 0
x-fb-debug: DHzQI4qoeGv3Q4AtJaN9xhxm7m5+gMbKnVfWSY/2/Q517pCwLdBN/nMR/jT8rx51pj7WnCRzexSOzoPPMo2nyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 78488deb063adaeca617df57cb97e678
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 08 Aug 2021 03:34:20 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6d085e5d23342ea04a1473852d25ee21"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 t Show response
jadserve.postrelease.com/ 115 B
538 B 308ms
103ms Script
text/javascript 54.146.124.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2F931elrey.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.124.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-124-230.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 122
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: oPR2Mx4tAXT96hhGsI2VKNOJhe0XLPSOFOOEDPTCIyCDDm2FqtHBrpvVlD4WLvqeZAefhDJ+hxHQRPG25OnXeg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-frame-options: DENY
date: Sun, 08 Aug 2021 03:34:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 29ms
15ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-34961268-2&cid=654959740.1628393661&jid=524091628&gjid=628624549&_gid=692982056.1628393661&_u=IGDAAEABAAAAAG~&z=1825809580

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 08 Aug 2021 03:34:21 GMT
content-type: text/plain
access-control-allow-origin: https://931elrey.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 28ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-6553589-38&cid=654959740.1628393661&jid=1575054482&gjid=1180285158&_gid=692982056.1628393661&_u=IGDAAEABAAAAAG~&z=27676468

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 08 Aug 2021 03:34:21 GMT
content-type: text/plain
access-control-allow-origin: https://931elrey.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 390961805259193 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 62ms
61ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/390961805259193?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

808bc59a090192405773b8240b08316833c8a4039ea47c0ac3c7f1ef191216c7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Y7MM/2O8K7pVRinj1MjEMKOrpngPiLR51+AtblODvKwBqmHAVkP5/PaYGXudgXRSBVeu8XKtW5nToPlO3fjkYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 08 Aug 2021 03:34:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=931elrey.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=931elrey.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-6553589-38&cid=654959740.1628393661&jid=1575054482&_u=IGDAAEABAAAAAG~&z=1757563486

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-6553589-38&cid=654959740.1628393661&jid=1575054482&_u=IGDAAEABAAAAAG~&z=1757563486

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 102ms
102ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

89dea1d1850ddef639a17ee3eca1f0c2b803b18f0439148d975e8c9fcdc781a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4308
x-xss-protection: 0
google-lineitem-id: 5623575749
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340093041
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://931elrey.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2cba7a9c601b81f842461921dbfe8bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3BDF 6 KB
3 KB 46ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2cba7a9c601b81f842461921dbfe8bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2cba7a9c601b81f842461921dbfe8bb1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://931elrey.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://931elrey.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 08 Aug 2021 03:34:21 GMT
expires: Mon, 08 Aug 2022 03:34:21 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 235 KB
25 KB 79ms
78ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2592092220881990&correlator=2599601719511837&output=ldjh&impl=fifs&eid=31060837%2C31061422%2C31062142%2C31062148%2C31062161%2C21068766%2C31061424%2C31062203%2C44741899%2C20211866&vrg=2021080401&ptt=17&sc=1&sfv=1-0-38&ecs=20210808&iu_parts=6177%2Cslm.kryp%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x150%2C1200x150%2C880x110%7C1200x150%2C300x300%7C450x450%2C300x600%7C450x900%2C300x300%7C450x450%2C1200x150&prev_scp=pos%3Dskyline%26traffic-percent%3D20%7Cpos%3Dtopfeature%26traffic-percent%3D20%7Cpos%3Dmiddlefeature%26traffic-percent%3D20%7Cpos%3Dtopbox%26traffic-percent%3D20%7Cpos%3Dmiddlebox%26traffic-percent%3D20%7Cpos%3Dbottombox%26traffic-percent%3D20%7Cpos%3Dfooter%26traffic-percent%3D20&cookie_enabled=1&bc=31&abxe=1&lmt=1628393661&dt=1628393661068&dlt=1628393659964&idt=1057&frm=20&biw=1600&bih=1200&oid=3&adxs=200%2C200%2C200%2C1100%2C1100%2C1100%2C200&adys=0%2C293%2C293%2C293%2C733%2C871%2C1084&adks=4209905863%2C4209905856%2C3167312183%2C2424252874%2C1185351349%2C2424252876%2C4209905885&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2F931elrey.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x0%7C1200x0%7C880x0%7C300x-1%7C300x-1%7C300x-1%7C1200x0&msz=1200x0%7C1200x0%7C880x0%7C300x-1%7C300x-1%7C300x-1%7C1200x0&ga_vid=654959740.1628393661&ga_sid=1628393661&ga_hid=20567583&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&btvi=0%7C0%7C0%7C0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6ff0460e85b4d4ba1f4734d658c6858187e2f56d6157e79d4b4afaf43a852844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25839
x-xss-protection: 0
google-lineitem-id: 4625993715,4888650667,5754881001,5754881001,5754881001,5755807344,5681041091
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138285339927,138285747475,138359037562,138359037565,138359037568,138359130472,138348483175
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://931elrey.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390961805259193&ev=PageView&dl=https%3A%2F%2F931elrey.com%2F&rl=&if=false&ts=1628393661154&sw=1600&sh=1200&v=2.9.44&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1628393661153.2094853797&it=1628393661014&coo=false&rqm=GET

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 096C 0
0 17ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZK2N0J40Yr4v6LbI67mQxvvP0G5hF1SwncWUAI0aN8_8o7FzoTr4GIL2QsXxnJJ1u-QM5WTkhu83xXi27WYP4y6HozxWUHghodfmdoyt6YwUkr-lBYbWn2tkKlz8_GDOzD_I71kkzxP39XHR72yDY0vxnGJQY37o64-Pb7ESRLaQ8RPKU7FprffA5muz_gb7dHxmcehdqPFNMkAbbZ3Ngi-1mY1Mw8aT7PodhljhVkokODRtRzBDXfDJH_b0gA5xQhx0voRHRdfVXxeFNQVEeWjf2LJ4n5usDBGwdMBw3SshZ&sai=AMfl-YTzXKp1w9fcYbvwO-ZnL97LrWmapU22BVWeRcLulDAKfqgSrptEl8zXPaW9eSQGlfOrC2-KgVDPtWfq2IfPnMYmani-U1EN-ZGwGItrk9SI1xvsxAjh4iVssWyAenNq&sig=Cg0ArKJSzJ2uVfqFkXu-EAE&adurl=

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 096C 18 KB
8 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:29:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 096C 2 KB
1 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:23:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 096C 125 KB
38 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H2 200 13111742348735198595
tpc.googlesyndication.com/simgad/ Frame 096C 28 KB
28 KB 115ms
95ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13111742348735198595

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a36ffb842999697b16eed34b792f2ff03889132b1425b697194145cad8ca27d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 02:55:44 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28379
x-xss-protection: 0
expires: Mon, 08 Aug 2022 03:34:21 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249289658065"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28112
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E60 0
0 19ms
19ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMu4BMI2RXg1wy0zqPD0SIekkXLB12QXJPFy6RjBLpdD6etF7nx41UxCoNjD47Rd8YpCYjHxK2jx_6Pd-BW_Zjmmi4_ye-P-AGcWRmpk_DDkrNz0GtVR6sfgT1vHViV3azQBwKaK3tn2j2VI9DPfHXaG1dQ6XLak2r0s3ei3kNy5B14Q1z3oU4ge4HwPaUpdLs3mIk7KNIDgsqlp54sWETuiZU4VJ05uind8cUlcA_cH5sEjQS_ZoZ6ZhE341-hnHPHZjYNUUPN1bGEs2GF4N61kHBYNPfz3KUTHWZg4z_Yai5ARdGYtXzX4I&sai=AMfl-YSi3Ls9ZYvCNZaZARHQ8b2b-EYOb6qHG_OmstVWYG4hboIKCB1wxogQeIvaCnOVREYVIdoSOYw5HvG-fOvrzKo-ZDcLuHY8TqGGZsZ0gWUtgrHwlRm-i6z0kfLbLI4U&sig=Cg0ArKJSzDP_YI4I1OHjEAE&urlfix=1&adurl=

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 js.php Show response
us.ads.justpremium.com/adserve/ Frame 5E60 9 KB
4 KB 151ms
113ms Script
text/javascript 52.58.248.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ads.justpremium.com/adserve/js.php?zone=112331
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.248.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-248-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6db3eb1494aa0a0e4c95ae4a7bd01a41177f2d1d8c4480be825b186bbe766b4d

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
cache-control: public, no-cache, no-store, must-revalidate
content-type: text/javascript; charset=utf-8

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E60 125 KB
38 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF78 0
0 17ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFlsx0aZCdM2EZyqeABxg-WT4UlAHjWiWb23ZCULy4GCTBEY1u3P7UZ3jBX38ZkXRZYMUKeHVPPiHMimGo1E935YYS7gjb7CgO-zEPTHM26Gknpan3k5ZzrjMfBacUz4qeTPrQcB4MqydvLNqWAdvndTSaQG6rE6ukpXGn--8jHJ27joYpfcxpvcMHl2WJNhvs0dS_jTalwHuXBY2un9gk4AOhYRlB8ta3kKJk89xJvMuX9RwyzWvtarHktzAHUWeQ8SfkzTcz1jmsNcfpqsoqd8ya24iFXf0oCUxC4OMmnTnqpCVI&sai=AMfl-YT5xqaMf0nLSjrhYguuC6KqbZ7iyTXOKDS7iVZ9REjxao4da6tEeF3B7HY37FbfZZp0cCYq9mEbQlQCD7a4Tr0g3KkM4qpwtmluHlFAvzhEttUUou10yGFD1DRfs_3r&sig=Cg0ArKJSzFW03I4McjQwEAE&adurl=

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame DF78 18 KB
7 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:29:06 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame DF78 2 KB
1 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:23:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF78 125 KB
38 KB 54ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame DF78 0
0 14ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaReGdePnWkXmfzvomzJPAjfzjdNp5vQpAhMvOPWb1Jxi8z1uw7Nyux2IdkHU_0ru66cNBNk
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H3-29 200 9598225389579262300
tpc.googlesyndication.com/simgad/ Frame DF78 42 KB
42 KB 92ms
77ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9598225389579262300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b601fe423901df44868501064e95dccff6dfa8cca74eba11251776c9fcbb3d52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 19:26:07 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42657
x-xss-protection: 0
expires: Mon, 08 Aug 2022 03:34:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6ABE 0
0 18ms
18ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSS8CnqGTOiPEO1npe57VoSenLoTnp_8hBvSEismE-8YljjbOYsrjBzz9KXpolAGZGJjeLayhe3JsIF2tWa1fmtZiIwViNUTNlR26oofjdLuf-_78chap_iXYixe_9Yqs_z0ZYFcpjweAB-zb9QVE_WQ5F-_lJgM-Xeiq9KeNbcA3Pfe8hmiDvoxMdm5KDAK1CKSDjRbZXj3VzkiUvw_OHtrYW4y0uIjvkMD_VX9HeUPTuu1jX68M0-kLBymOBwHU2OyPs2mldJgl8Ofrj8cSRqxbOwow2Ds823csRSL5E4j2sUIio&sai=AMfl-YS4f19N1dfYBSyjfvepiG6t3Y08DJWnLYzglROqOQvhw1xk-MPODkWSLdx-YCT9MfvTJLenx69NgJl7vrfUBnAfcYiIkWpXeFiGVm5ywiyGOeIsKlLXWPbxMwT5hiya&sig=Cg0ArKJSzNv9IUhH88ZvEAE&adurl=

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 6ABE 18 KB
7 KB 15ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:29:06 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 6ABE 2 KB
1 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:23:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6ABE 125 KB
38 KB 32ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 6ABE 0
0 16ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGLz_1lYYkQSH3UaEt3uFBdj6GGKfohM31bjRThlmhI9n2epVC_pC0UdDVr3L_taJ9AQP5
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H3-29 200 11373773029090271720
tpc.googlesyndication.com/simgad/ Frame 6ABE 43 KB
43 KB 17ms
10ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11373773029090271720

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa0051e51b760e43f5d7342db0fbaa4c5b74aecafab393323e6763a213bd6ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 05:27:16 GMT
x-content-type-options: nosniff
age: 79625
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44092
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 00:56:25 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 05:27:16 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4152 0
0 18ms
18ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutR_lSs0jPyvq8-zG_jLqihv-XOe-hrFcM48LYh4RAW_8kGTRDeLEcR1SZlbtAsJWjLeChlZ3ZoxKvC8Do-AmijIrTSysKJUVMCdVbrFAiodGVmImf8roUPMs_nuAx26nXTHSVvMS2clU7wrTSQhGm9JaRPD2BBBsfvAKgH0UwdIJGJy8ZXe6J9ATkfxFTa9lMp_w96xMFS8xOPK5smnFY-VcraTO4ajic-9dzIlMpfE4870eoTcPXy97Ul1roHUUUp55tHFRLltTdUc_wIlKvBMkkC3H2oAGd4YPXuxf6_UObG6FZ&sai=AMfl-YQJrGeG2v2zfRXVfUhDU1DoKxg15eiW8TlQ4oAyHIZoxsLD2jVGodlGeM5J3S25pCWWUnOeyYGoB5szpN3h347C_fpCj19OcrFz7jwbf-khrSxsD9pXAS35Ed1B5E71&sig=Cg0ArKJSzPUF4MiZqkjoEAE&adurl=

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 4152 18 KB
7 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:29:06 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 4152 2 KB
1 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:23:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4152 125 KB
38 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 200 4895918057087050802
tpc.googlesyndication.com/simgad/ Frame 4152 31 KB
32 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4895918057087050802

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef806f7f1a984747ed95c127a4bcecd083ac8b8c88f8007c7535675a196ae20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 05:58:39 GMT
x-content-type-options: nosniff
age: 77742
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32232
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 00:53:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 05:58:39 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CDC 0
0 17ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshkBxPSSAz7ak1einIImMQnA26f2f2S4i1TGCE9ibiOtSDWuxHYOSlyalcZXfXR-EZeL7WtRBX13EZL4qjS9lVreHXsxwve0vP17V1j7gHWGKmFUW98cZCayOoEqVm_1Cimi30uAfZZjjz1uCXoMxGnLB08m2jhKnhdByukA5cg8m8AYalUCeYrhkzsGJfgjoeYlNRzsWFwK5biJrFcXFbn3VMKlE_37f4uGX_ZLNZLmO8qcTz_vFrv5Jmx-Fsg3HLV5FQxcxdduwLzwvgUHfnGDa26sL-EJX1TI8If2loWXojFDa0&sai=AMfl-YTrOTFHAlO_23OwTnJiXMidJPQtylG4-p-SvtI0OAds7ctemFfRaDiTFo_Wdgr8zh37lXga5ScgBH0CCD-QsqxsNYpe3LRT9WxdmUXoE2h6Puj9DJiY7KPwmj8SMI_o&sig=Cg0ArKJSzBhwEgK7IvfkEAE&adurl=

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 8CDC 18 KB
7 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:29:06 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 8CDC 2 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:23:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CDC 125 KB
38 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 8CDC 0
0 16ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgogP4X1j0hRjUT0tAzySyVuJQn8fxAi2UylKgwLH3kVcvKLxdx_BcDHuXX1LvlRcwy5JY
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H3-29 200 11168154737736983579
tpc.googlesyndication.com/simgad/ Frame 8CDC 155 KB
155 KB 157ms
153ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11168154737736983579

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d5455e45854fb283989af0ccb252db63003b08d9c07df9e645a5f387160b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 23:56:28 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158867
x-xss-protection: 0
expires: Mon, 08 Aug 2022 03:34:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE6C 0
0 17ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuI_f1EbjrNZbnMp7V8kC8CqeBULRwqwMGOxRpAY3yrQk9I6VZTisc7Uh2eazOlGAoY0LaTmBxtSVfpY0m28L3vP1btYQas5KP1ou2UYvohkR7N66dWiUPFzjD8cE5rYJN2_ykP3lUse4j-4U9fR6baCDGPsIqFZxdJSnfahg9GgZaeICJha9ean0QFcd27T0XBuNPDZug27WKzzClnE0S576asrKc4Ogzz3U0c40kHPtKBqlTnsN_NSHG1NywHSCdb9t-UYfTyqc8YoeqSC93oucfO44o53IUazDZJMwRkEuMo&sai=AMfl-YTeaYttltRrFMpw_KxKLA5zLpngk28NvtFILkMMReNrxU941572hdEl84RqG5eqU8dQ4Sw_dMkwLr-YqlxFUktaShMs8f1p8D_HTfg13tDEGMGBjYbC0ay1F9fxjlEy&sig=Cg0ArKJSzJu90427KwdcEAE&adurl=

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame DE6C 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:29:06 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame DE6C 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:23:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE6C 125 KB
38 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 200 16522605474182554743
tpc.googlesyndication.com/simgad/ Frame DE6C 236 KB
236 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16522605474182554743

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

267276cf7037be23242b32c121b2475b657f4203900e5f063363c35eadac3975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 03:08:04 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241986
x-xss-protection: 0
expires: Mon, 08 Aug 2022 03:34:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E36E 0
0 19ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCFDedwatMLy2RFCCPXGaRnyU5kYyC81aqy97HAwSrc9bIsIRt6ivuKUwkcqan8WCwL0WzIjWwZ6RUeBLgvQ0iJi4r4YPBI4ZucED_kkOlYA_UbkrEBS6mTZw8OGja0gH3q7taFCWhgWy2z15WQHts33qhDl-T2atba6T2nvLcORzL6w3SjKhoyt08vv685151eLPgKgUPzg31QCdI3cDog7KMoqs_MPbHRrM28vFLTgxMfXn5reJWpV47WX5ixNAZZFoPlnMwdCbRGmL5L3nEGiORKPiztjMr9BISWpdh_kkqzBZX&sai=AMfl-YQzBEym2iptU4xLcoRAY2IE_gvFn_0rlXpZdBjQT0YDTFahmmRy_miFlqCgTdmjhIIwtdPs4g3pwLEyiWcJWdYRmWk7LIt3K3xm7rc_vDFwjT0kD7kiborFfqf8TDH1&sig=Cg0ArKJSzDgRAGlyEWU8EAE&adurl=

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame E36E 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:29:06 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame E36E 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:23:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E36E 125 KB
38 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E36E 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQf8iOt2AOII8uGktQPPBF7_4U3L6ftrboe1w5R9SB_IWDBzo3cxF8QTurR8HwhrqVrRAcU
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H3-29 200 169390177681994089
tpc.googlesyndication.com/simgad/ Frame E36E 27 KB
27 KB 53ms
52ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/169390177681994089

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bdffab914ab35eced15a12b97ec8aa3fe7233f5fc0fac8723c8a5dca8d256c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Aug 2021 00:56:25 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27692
x-xss-protection: 0
expires: Mon, 08 Aug 2022 03:34:21 GMT

GET
DATA 200
OK truncated
/ Frame 096C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41d1be74cb3aec457316d99eb377ed161e1021ef59ced2a5d4c707c5871396da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6ABE 0
0 17ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1Lhk0HJx2b_5ifGSlcQlFaICdR0YpuBC6yWllzeVnJrWnoYBxSsTZ8CVlnEqcbpTIPKdTH0kugaBdtPfe5Wh1xCCWZYv2dZRzdfsdffAXdvTNd7dw5hCI7jHIHDupgth3IuJ0g2LJzvBdnUOAUhkttuRRIgsUpo4w-qcLJgf4v3f8hDmMkUfSgMSTA5dfy_Q1Be_BR01IGdJTrIAw0LjvURAxfeF6Aah5O3InZRy8IkKAaSjgkhCvtEWbTvuIDK2itG4Ct5WRA1NQ17XuOBF8ym4m_62hoHZW9S1Jc9tuVYUsaZOEUV0&sai=AMfl-YQ4H5jz-raRjX82tCFWwd0VeaQ8m7rEoN9_BCV9KpwjZXQ990X3-uxmaQ8AasEi3vMgz1qZRtEjeRQLAk_b6_WbdxfOUVgKqUGvybwOW3DNIA4SoBXv428-uCoEsNvA&sig=Cg0ArKJSzEQZ4kUaVJLyEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
DATA 200
OK truncated
/ Frame 6ABE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98673748465dcf724a8cc37d8a11a95b7a77543d46a5dc8b195c8b2832c29fc6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DF78 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6e15ccb85feb07755c78f0cb86fe9a3cc1b3dd67c379b6a6cc63fa6bf5b2b1a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8CDC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 123ed0cce1f14220b8ad50095f1532aab11483a2be38b74d4f7fb221789eb4ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4152 0
0 17ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpQo2v_7Hbuzf17UemQJf5Q_YkeAN7EWt1OAoGL7HTEDOwoSoeV3q5NhkbRwSG50exWA11bw0YF0BJgiv0hNpwGvDW6-f7gk_JezaPH8lRaE-Jv5krfks5Zhh0kUOM6w8ckJjRCYRB_orcUKCajyItMSNJHWNF6oI-U3MQKHPYamgINttFLGFl-Sr8KbJkhdGI7eE-vhGb7C8yJ-Cuy-gRc47gJifbfXsG53sA6cJ7M445HjLnCIAWM94Uj7n-oSUYUyK9RFWXw2wC5wjz6QG3rTN45Pn5PssNeCgrMPksQTRhY3Z4M-Y&sai=AMfl-YTIOovmkq1DlBnm36QSGXUJ-NYTPr_rOtPzO4EAvKHwaX2tex2zndqW0Ir4Xg2DfP5V9uur8p5qql9GifR79OWkJGietXZJM4Hcne4Z21D_84Fg7Hb_18ZkN75S-8cL&sig=Cg0ArKJSzA8M8m1RkY9DEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
DATA 200
OK truncated
/ Frame 4152 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbc32b9225adecd1264332d7cfae20e1f76eae111dc980dc3a41cdeaba663fed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 096C 0
0 18ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOUG1YoA-5xUxj6jb5I2dmjz6qbA48AehD9GX93-9aR__Yllp8EpnDK0Ts41MMYcDAMA3-5DfuW0EyCWeHzvZLGTV3NPTHtpD3rJ-cYHKaW6lgeHefYJ2PmEfGgGqzy6FZvmPeSGUGI43WsUtwf9l-MdWOnDyXmnl05rcKKruow7nSMkeJixjrqsuJ_sSSpoT7ISQd4JzMVkuRw64kMF1LCoEk6EUqjfeDCPWR04MEq2U5_1uG5MqCESmhTM7VsWctdBBnCh2X8fyUIStew-Wid4_LxUPNfzeygj2awD2hT32aQmM&sai=AMfl-YQmrySYDYuI0YctIZ0Ky4VWV3eNazme3LgMUzr31rj1mZ70o2Qr_y5PAZxu7PYw9jslX24bqIp5uaOQlfvFmW_hlJy5b0fkks5v-DuepFkniHYMtm6S8R5r0bebbjRz&sig=Cg0ArKJSzHQ6ATjEYw60EAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE6C 0
0 17ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8EohqZHubuk53t5YhYSUJt0hNv5NPm2VqRv6tfwmIo4brGPuzZSRqaMwIvopZzzS4hABEUSrZGc7DnRIVHGW_nqOe9X1tcNJkstwMWdvCe_HiqLteWsCQQIzDEa3ByGJe3sDn7aUDHYbRIMgs6KFqMBrn_o0XrxiQa6lcJw3KCWkHOlYVPeiCtl2LnhjRKnrK67QT3UXu1MVSVNiB7QCT-SIc3zpRHBIqCpaa_GL7zLq-0YZi9wnqoZaGpDEoa5r1TfXxt6Ew_Jnkes-h1boFLLRrksx3paUu6vdNeaR2hgMCefk&sai=AMfl-YST2wwTuKb0u78y4BeVIpFmEVYb6hlm2AzmWQmATkLUTFiUBHaEJjtSdFtNwti5K72y6pOKEipJpfSesZpBVSFahxacn-jZPFy5FIQbegoa1wzpS0Hma0WJRE9S3Vd9&sig=Cg0ArKJSzPyaaa7Ige1TEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
DATA 200
OK truncated
/ Frame DE6C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14917314d4db40117cb83e5341762a9dc4c427957e2fd342d07cbe165819fc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF78 0
0 18ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8cAK1lXcwxHXlheafD-HQonTbjbJvUgnUjBshVZ5aSdTN3I7nXjwx1NTL4BeBoWNVKftjW6Cx1mE42I8hzkl2VYfnd5ca_dF1HPIwGMjcr2hYMdfS1M8sdeIeTyuf_aweOQRPJlRZ9aXtf6fm3krvIVahKLy8uaZLzzR2e1RGQqsJyZZTVsfiAXJ1R_80KwqZVKgrd69NgHv87BEjDDewBnaF887Ne1kxJAwiOhJAm1iKB-44GWJz_hOJwNzt2jBU6XJGPYHSa0Qitv8o3pdA-Hf4KeTSXFwIdXUSBKtBcUnSj30csnY&sai=AMfl-YTQGCXQSDf9uU0YO_mnF4U9bCCDowmid8IuLVeiwqVlEF1upmWYlrjeN9pEEpogAhcePyhysuAcysT6sWy4Gbotf4Xk5S1wO6D6u9V8d2qOGn_eV8O4nfTotByYMA3N&sig=Cg0ArKJSzOa9WfRMfKMpEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E36E 0
0 18ms
18ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdsvw5pYxi4iRVm1SBMdAriviPin9qPDaQPHdA1bYDXed_srOw7VBuyZSyjKp4ldPD5efumj4jhhpMBV3392qiIKa5K71D6C-u9rAe5wEDoMidVV_xV0FZtu26VNHL2wG4z5UjL-CJmuwcSnnItzpQ7De5wg3YdzE7YMsU_zlTVcbZhwcBhWu5Ib1SFylNXJG74rxTx__VnGeR1tOacuR0ChDToeB7mTv9v3vtfTU0fnK7LiqGYVzsbU6vWinpuV2lt8eqXi9pgSIWq8I41e6JI3RZTsDMZpvXveQA5NDD6DUllTyIttA&sai=AMfl-YTNWYKzHNbTdX6_LWEXd1EJ7YErzGufvaxGo0fKw4nny7IQJOOQgSwtAiQfZSGMRco0EVH3ADx8XBKNDULUYghYF0iN7JfAmGNHnWoTMpHz7fYcNJs-XJt57OfocYB1&sig=Cg0ArKJSzFG8epGEy9A7EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
DATA 200
OK truncated
/ Frame E36E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2942de285db206aa1f7d2a58829e698f419668f3bebd44aa837537ec4f847962

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jpx.js Show response
cdn.justpremium.com/js/v2.29.408/ Frame 5E60 294 KB
70 KB 126ms
35ms Script
text/javascript 13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justpremium.com/js/v2.29.408/jpx.js
Requested by: Host: us.ads.justpremium.com
URL: https://us.ads.justpremium.com/adserve/js.php?zone=112331
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22a4dd30fc69ecf0e04233e86f56398bb310fa5fae3eb04fbe6acded35540bd3

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:27:03 GMT
content-encoding: gzip
last-modified: Fri, 23 Jul 2021 13:51:46 GMT
server: AmazonS3
age: 331639
etag: W/"51ef6c7d07165ec971d491e42e08248c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000, s-maxage=2592000
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: K_UvezxHrI6eWAGkOh1xcnMdJrxu2U9JYfOe0VLCBwdt9gzaqP0t8w==

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ 43 B
332 B 109ms
14ms Image
image/gif 18.193.17.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-15f1ef6c-551b-48f0-a81e-8f56a0a3b6f3-25489-837898334&sid=r-88be0118-efaf-45e8-b86c-533ed54b7080-25489-837921832&uid=r-25a2bd9e-1ec9-49ae-a489-55d5931edfc6-25489-837945438&vr=v2.29.408&ru=https%3A%2F%2F931elrey.com%2F&tt=1628393661550&siw=0&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=eu-central-1&sd=&_c=3274038864&et=&aid=&said=&ei=&fc=&sp=&at=adserver&cid=0&ist=&mg=&dl=&dlt=&ev=&vt=&zid=112331&dr=0&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ias%22%3A%7B%22riskIP%22%3A%22NO_DATA%22%2C%22riskHref%22%3A%5B%22NO_DATA%22%5D%2C%22content%22%3A%5B%22NO_DATA%22%5D%7D%7D&ty=ta
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.17.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-17-216.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 03:34:21 GMT
Last-Modified: Wed, 23 Jun 2021 07:56:00 GMT
Server: nginx
ETag: "60d2e910-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
DATA 200
OK truncated
/ Frame 5E60 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f482187956d08a02a6cdf3a1f28ed89218b010ea9eb9f7648effca6a24f89115

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CDC 0
0 17ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst57aNNfe7MwFuABBCpf9qOM99V4SCMRwqitlqVr1oDtjLRWREPhjt4ItIMAyg6-pRUcrkF5ZOa08tDCTumh4YUndBBGzbZtCOPtbnSLpDESf3c7CrloyKxGiTGYRBpjNJGGoYDdnm_YCyarTf7NjB-Lsqi65M4QeNbH1Kj24xdc_nBZ6VyMSv3pgW3re6fiqjpnlCh62uQtkq8Jn2jofTJO6mP1Ie3xz-PMzBzgmkHvaN0VzNV6CX1pvIsZkWHyJIWtvco06sC311f-ms_fVMpUr-ZAD5kA9rb31dg9QHp2r5rk8iVYzo&sai=AMfl-YTi6IeJu0Mhi_t_9WOAWtO9XwqJAJHqJWbWVq8ucYwdY144POBPuoEIeTqtJsy-dO0L_kzVz6faz1EFFBQgisYZ89qOmtEEevKPazi_-cLykEKZ4RP7aEjspS2d6mC2&sig=Cg0ArKJSzOUr-aNC_knZEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H2 200 tsKrux3.js Show response
content.cdn.targetspot.com/content/act/beacon/ 2 KB
1 KB 12ms
12ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://content.cdn.targetspot.com/content/act/beacon/tsKrux3.js

Requested by

Host: content.cdn.targetspot.com
URL: https://content.cdn.targetspot.com/content/act/beacon/_ts2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

8c007e748e664df1d5bbb06b94d29fbf7013fad64628494d2f5b5b1fe30a3078

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
last-modified: Tue, 30 May 2017 16:10:04 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"592d995c-85b"
x-cache: STALE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://content-origin.cdn.targetspot.com/content/act/beacon/tsKrux3.js>; rel="canonical"
x-xss-protection: 1; mode=block
expires: Sun, 15 Aug 2021 03:34:21 GMT

GET
H/1.1

200
OK

157fd79a-13ea-4a78-bd0e-e73fcc692165
nodeeu.targetspot.com/provider/AN/user/3008369172931243947/tspotId/
Redirect Chain

https://ib.adnxs.com/getuid?//nodeeu.targetspot.com/provider/AN/user/$UID/tspotId/157fd79a-13ea-4a78-bd0e-e73fcc692165
https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fnodeeu.targetspot.com%2Fprovider%2FAN%2Fuser%2F%24UID%2FtspotId%2F157fd79a-13ea-4a78-bd0e-e73fcc692165
https://nodeeu.targetspot.com/provider/AN/user/3008369172931243947/tspotId/157fd79a-13ea-4a78-bd0e-e73fcc692165

4 B
804 B

36ms
36ms

Image
application/json

31.12.68.105
TARGETSPOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nodeeu.targetspot.com/provider/AN/user/3008369172931243947/tspotId/157fd79a-13ea-4a78-bd0e-e73fcc692165
Requested by: Host: 931elrey.com
URL: https://931elrey.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.12.68.105 , Belgium, ASN211945 (TARGETSPOT, BE),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 08 Aug 2021 03:34:13 GMT
X-Powered-By: Express
Content-Length: 4
Content-Type: application/json

Redirect headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:34:21 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3a14d914-9960-4999-a85c-e4d3e5b0cd19
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: //nodeeu.targetspot.com/provider/AN/user/3008369172931243947/tspotId/157fd79a-13ea-4a78-bd0e-e73fcc692165
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 controltag Show response
cdn.krxd.net/ 2 B
395 B 115ms
97ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag?confid=KZy9hbgr
Requested by: Host: content.cdn.targetspot.com
URL: https://content.cdn.targetspot.com/content/act/beacon/tsKrux3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 08 Aug 2021 03:34:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 293
x-cache: MISS, HIT, MISS
x-app-cache: MISS
x-age: 0
content-encoding: gzip
content-length: 22
x-served-by: config-service-a002-ash-prod.krxd.net, cache-bwi5147-BWI, cache-fra19157-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1628393662.649035,VS0,VE90
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 0

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390961805259193&ev=Microdata&dl=https%3A%2F%2F931elrey.com%2F&rl=&if=false&ts=1628393661657&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%7C%20Estaci%C3%B3n%20de%20radio%20en%20espa%C3%B1ol%20en%20Portland%20Oregon%20%7C%20La%20Autoridad%20en%20m%C3%BAsica%20Mexicana%20%7C%2093.1%20FM%20El%20Rey%20-%20Portland%2C%20OR%22%2C%22meta%3Adescription%22%3A%22%7C%20Estaci%C3%B3n%20de%20radio%20en%20espa%C3%B1ol%20en%20Portland%20Oregon%20%7C%20La%20Autoridad%20en%20m%C3%BAsica%20Mexicana%20%7C%2093.1%20FM%20El%20Rey%20-%20Portland%2C%20OR%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Adescription%22%3A%22%7C%20Estaci%C3%B3n%20de%20radio%20en%20espa%C3%B1ol%20en%20Portland%20Oregon%20%7C%20La%20Autoridad%20en%20m%C3%BAsica%20Mexicana%20%7C%2093.1%20FM%20El%20Rey%20-%20Portland%2C%20OR%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1628393661153.2094853797&it=1628393661014&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: 931elrey.com
URL: https://931elrey.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E60 0
0 18ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubyHmEpTc0BnXohOyyto-N0Qiey0suuJBjSFflSmgn0_dGg8N--pS8qxdQa1U8jpCCCrll8syk3WidBB1i0AvGN19J1XNmW9QbW-oC2jSQpHVJ4QFIzBgQ3gOt9At-G_NIEqONsc8rcfS3-X0Xu3z4Ea-vMIk1bP_wVrT2bO6p77XtoD6jj--jc_ntCcgnovdHtZZontVfMmMrRIYz2c6yN8g6zFzketmpnEEDVoL9SG4elpdOCuV16T1gyssubjBcFA1CxyF0_ztgUjXmQ2GqEH7LrRRt5SY_oBnmgDtfS1jpjXUKD8o3Bbkvuw&sai=AMfl-YSQ-RrimSSo_5HUrL_u8ay3WQsyFU7x9F7n7ITtcL5ONsyCnoufZKMalOOZ1hmyMpY6Gps0jbh7xk80Gs7nRIMgpvLSIKt0rn7hnU83S-tfkAvuzJJLVK4WC4Dhj8qs&sig=Cg0ArKJSzJhrhFw6WuN8EAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H2 200 p Show response
i.simpli.fi/ 753 B
1 KB 66ms
22ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=150871&cb=sifi_att_711892819978._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/a2fee930-b8b0-0136-d8da-06a9ed4ca31b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cb6398d11781b7d918cde5be73b6772075a0d9e0742b083e5d3f8b6f33d81181

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

/
www.facebook.com/login/ Frame 1CB9
Redirect Chain

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

130ms
129ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3c2e7c8ff97f8%2526domain%253D931elrey.com%2526origin%253Dhttps%25253A%25252F%25252F931elrey.com%25252Ff3a0112716a3ff8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F931elrey%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b1f57da4291479a24d51cb7dcae75381

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3c2e7c8ff97f8%2526domain%253D931elrey.com%2526origin%253Dhttps%25253A%25252F%25252F931elrey.com%25252Ff3a0112716a3ff8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F931elrey%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D500
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://931elrey.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: RQG/pStGTuuU7UekPdq7mDPPc+zdabFuIDpwuiLmtm4o48x+bqRLYjyE0+DpTXbv7qLKspLQYsxScZ3aRP1QJQ==
date: Sun, 08 Aug 2021 03:34:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3c2e7c8ff97f8%2526domain%253D931elrey.com%2526origin%253Dhttps%25253A%25252F%25252F931elrey.com%25252Ff3a0112716a3ff8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F931elrey%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D500
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v4.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: h01fiw8RYF+d7Z5fDnMIiC+evwtJn7qs/u9bt6dsHimqMCuGTctBOIZKnV2o1gCCX2H92UXfs7lLPVUyPPfHYA==
content-length: 0
date: Sun, 08 Aug 2021 03:34:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 38ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75e7fd50ddda324d779626d3bca8c85c5a62569ab87972795f473a814bad49be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8676
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080401.js?31062161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:34:21 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=530D252723254D01AC06DBB96318FBDC

43 B
183 B

288ms
95ms

Image
image/gif

2600:1f18:612b:4200:3aa:8894:1069:c551
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=530D252723254D01AC06DBB96318FBDC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:3aa:8894:1069:c551 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:22 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=530D252723254D01AC06DBB96318FBDC
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 07 Aug 2021 03:34:21 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=530D252723254D01AC06DBB96318FBDC
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=530D252723254D01AC06DBB96318FBDC

95 B
425 B

15ms
15ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=530D252723254D01AC06DBB96318FBDC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=530D252723254D01AC06DBB96318FBDC
date: Sun, 08 Aug 2021 03:34:21 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=530D252723254D01AC06DBB96318FBDC
https://d.agkn.com/pixel/10751/?che=1628393661&ip=89.249.64.171&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165020303872000019651
https://um.simpli.fi/aa_px?sk=165020303872000019651

43 B
409 B

19ms
19ms

Image
image/gif

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=165020303872000019651

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 07 Aug 2021 03:34:22 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:34:21 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=165020303872000019651
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 69ms
20ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 07 Aug 2021 03:34:21 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=530D252723254D01AC06DBB96318FBDC

0
0

99ms
38ms

Image
text/html

13.224.96.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=530D252723254D01AC06DBB96318FBDC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-76.zrh50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Redirect headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=530D252723254D01AC06DBB96318FBDC
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 07 Aug 2021 03:34:21 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 70ms
20ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 07 Aug 2021 03:34:21 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 21ms
20ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 07 Aug 2021 03:34:21 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=530D252723254D01AC06DBB96318FBDC;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=530D252723254D01AC06DBB96318FBDC;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-2004029078191650754

0
0

28ms
28ms

Image
text/html

13.224.96.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-2004029078191650754
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-76.zrh50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:21 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-2004029078191650754
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=530D252723254D01AC06DBB96318FBDC&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=530D252723254D01AC06DBB96318FBDC&j=0&xl8blockcheck=1

0
751 B

20ms
19ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=530D252723254D01AC06DBB96318FBDC&j=0&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sun, 08 Aug 2021 03:34:21 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=530D252723254D01AC06DBB96318FBDC&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 22ms
21ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 07 Aug 2021 03:34:21 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=530D252723254D01AC06DBB96318FBDC

0
421 B

407ms
101ms

Image
text/plain

52.22.84.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=530D252723254D01AC06DBB96318FBDC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.84.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-84-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 08 Aug 2021 03:34:21 GMT

Redirect headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=530D252723254D01AC06DBB96318FBDC
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 07 Aug 2021 03:34:21 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=530D252723254D01AC06DBB96318FBDC

62 B
603 B

222ms
182ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=530D252723254D01AC06DBB96318FBDC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 03:34:22 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=530D252723254D01AC06DBB96318FBDC
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 07 Aug 2021 03:34:21 GMT

GET
H2

200

tpid=530D252723254D01AC06DBB96318FBDC
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=530D252723254D01AC06DBB96318FBDC
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=530D252723254D01AC06DBB96318FBDC

49 B
743 B

45ms
45ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=530D252723254D01AC06DBB96318FBDC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.61
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=530D252723254D01AC06DBB96318FBDC
cache-control: no-cache
x-server: 10.45.6.178
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=530D252723254D01AC06DBB96318FBDC
https://ce.lijit.com/merge?pid=2&3pid=530D252723254D01AC06DBB96318FBDC&dnr=1

0
433 B

15ms
14ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=530D252723254D01AC06DBB96318FBDC&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:34:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:34:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=530D252723254D01AC06DBB96318FBDC&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=530D252723254D01AC06DBB96318FBDC

0
66 B

36ms
15ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=530D252723254D01AC06DBB96318FBDC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=530D252723254D01AC06DBB96318FBDC
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 07 Aug 2021 03:34:21 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1628393661795&cv=7&fst=1628393661795&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1726724483&cv=7&fst=1628393661795&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1726724483&cv=7&fst=1628393661795&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1726724483&cv=7&fst=1628393661795&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
64 B

42ms
22ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1726724483&cv=7&fst=1628393661795&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vVAPYZzMM9GK7gOYwIvADg&cid=CAQSKQCNIrLMRG3RezEBukLM91qAJnjnrXmLuntZy0nkBDM1H2kTn86p1CWc&random=2990473107&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1726724483&cv=7&fst=1628393661795&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vVAPYZzMM9GK7gOYwIvADg&cid=CAQSKQCNIrLMRG3RezEBukLM91qAJnjnrXmLuntZy0nkBDM1H2kTn86p1CWc&random=2990473107&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=530D252723254D01AC06DBB96318FBDC
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=530D252723254D01AC06DBB96318FBDC&__user_check__=1&sync_id=854af06c-f7f9-11eb-b40a-194044dd0506

43 B
548 B

27ms
27ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=530D252723254D01AC06DBB96318FBDC&__user_check__=1&sync_id=854af06c-f7f9-11eb-b40a-194044dd0506
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 03:34:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 96
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sun, 08 Aug 2021 03:34:22 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=530D252723254D01AC06DBB96318FBDC&__user_check__=1&sync_id=854af06c-f7f9-11eb-b40a-194044dd0506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 88
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=530D252723254D01AC06DBB96318FBDC

43 B
1009 B

15ms
15ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=530D252723254D01AC06DBB96318FBDC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 03:34:21 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b36168bd-6ffd-49b5-90cc-5e7528f874ea
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://ib.adnxs.com/setuid?entity=66&code=530D252723254D01AC06DBB96318FBDC
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 07 Aug 2021 03:34:21 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=530D252723254D01AC06DBB96318FBDC&expires=365

0
239 B

89ms
22ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=530D252723254D01AC06DBB96318FBDC&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=530D252723254D01AC06DBB96318FBDC&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 07 Aug 2021 03:34:21 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=530D252723254D01AC06DBB96318FBDC
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=530D252723254D01AC06DBB96318FBDC

43 B
180 B

16ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=530D252723254D01AC06DBB96318FBDC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:21 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=530D252723254D01AC06DBB96318FBDC
date: Sun, 08 Aug 2021 03:34:21 GMT
via: 1.1 google
server: OXGW/16.213.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEO78JnHYIjJT0yO4s3tnG1U&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=530D252723254D01AC06DBB96318FBDC
https://um.simpli.fi/g_match?id=

0
320 B

19ms
19ms

Image
text/plain

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 07 Aug 2021 03:34:21 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1E84 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://931elrey.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://931elrey.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 07 Aug 2021 11:11:09 GMT
expires: Sun, 07 Aug 2022 11:11:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 58992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0F3C 783 B
532 B 23ms
23ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f020e9b583b1a2feeea43f031be2fe9dfca3070b5c9830f2fb8a2fe326e4a1fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SbJvk2bOqn8qY2ObA7Ig6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://931elrey.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://931elrey.com/

Response headers

expires: Sun, 08 Aug 2021 03:34:21 GMT
date: Sun, 08 Aug 2021 03:34:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-SbJvk2bOqn8qY2ObA7Ig6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E84 35 KB
13 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 12:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Aug 2022 12:48:20 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080401&jk=2592092220881990&bg=!jI-lj8vNAAals0SOpbM7ACkAdvg8WlvaFXRo5B1-Zz7W2LoA5pJB7p2kGHtR0hloFomt_HSuJl2__QIAAABnUgAAAAxoAQcKAQrhXt5fWSvNIQFoSwcGkU1ZDoYFODr-oo3-u3v7w04OF0psltRQNsIPMpN9dJyDiQFFivNmywEIAMwwGF_LgcURuYwGuepxVU9ElZA-r1EYveuuPLHeFmuN220lx0QHZ_oFMtEmmOhQfgImh1y_0qL1Zmpg7FmOFH_rxtIavnKp8SbCI1R6pPR_Ze17PjNcBzPfYfhDIZWLb-Jl59X0nZtAk80qfw7GJOUIuNBgdk6TKiMQxG3oKCGFwXvRMhLN_MBh5654wIjRtNWpbhdgM71j04Tr0AvDkxpwvqjW-pS-deDTkPP433gRYsRmTfO54xaanK1Yf42ZGMGeKk0-rQgRhW2HYGYrhQwEEJkCbElnvRCacjOkNsiddktUzi2syUyUvRuZTa16l1wAMLCD7hFXhovwf9LJnPJf-q9q84-Dwtt57dsUCz0GRXKVLsPD3bhPs0sLqFDbFmhi4F6PXI3sLtr7C3KXaIaFEFcxXBs2SZbnXTyIjwGRGFs6ZW-BTvheHg6E4hS4SOzaPiJkd5x5gDQvVQw6ioojpuVtGI02aYQvlxtvxyMSrnfZfarRWxxUUBIG3Oanx82H2F_rYSoHPhw-Ls5rdsxsWQootPOb82p7Hr_A4mD9m3Vl6KsuHx5kxMMTXNR3Kna9nJLBiKTtF1XZ-Vdzqeo8Aip8MwyxZrU7CFEWi_ZY7KKn_UKF6ck2IBiLednYw9X0K_UaRPtqy2-mwwYdIS2U8zOM68jwS3oZX9ZQuccEwPwlHdYwaQGk818u4-ku3lOZjsJkXrhraiKD8GUtaPJUmmGpsFsBNS5lm8idmnE2bVfAKYBfo1ppMbMXrvRcZ8IZXOmSV-nSBm2mXhP6nzcSPctqSUWRWswWUkC0lkVgkZ4-fh4iFYfZ69d6_pXNzKhQmxf9b4cBME6OeYjLTiawjodTSJ5pzRK7tl5bJ5sj-BJ2z7XpfIItxlwA1hFZCGTI9-_me3BN7d6gGcklnB__wjXsit5R32tH77gN_tBUzC4n7EjdFU4yel0bn81PUg4703CQhhHyk5UZ9G2L1Nx-y9GLsZm7orL3pffwIH3g1DeaxixkJsmkCiEUSFp8rlS4_Ya1B3ulOO2keRMcGu3KWqRMlJBdvFw_WU-qNjuQkbkSqtZKLibbC2MooX6JSSCYx6teQvT5bHq0bkOJhWms

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6ABE 42 B
64 B 28ms
14ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss54aZj3hsHYTA3eWfNoZwpVL-n3baCWzbRqLBye6RfLm0pUBWWtHpzN1wcGOJwzki7gsZ--3a9xydbVj74umIEsighvaZjeysgCbeI2bWs5R6PSTFs&sig=Cg0ArKJSzJ_z1qg2ju0CEAE&id=lidar2&mcvt=1000&p=1101,200,1211,1080&mtos=182,1000,1000,1000,1000&tos=182,818,0,0,0&v=20210806&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3167312183&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628393661226&rpt=270&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 096C 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuk0LJsuJwzurxTepQF8Z-UgN3V8jtOeao7Mc4NWqjR2gRs-4tJTp_IGz5GYV2zrXttrNIFK5He2Gi8wm31ztRyQDadoeL_GtjMBTfmZVAg1N5dt8ZR&sig=Cg0ArKJSzMLZDiMiA4wEEAE&id=lidar2&mcvt=1000&p=0,200,150,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210806&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4209905863&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628393661181&rpt=285&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DE6C 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRKkVaYLXkTnWp5-Etm9xZbZQxujvs2rq4shKlM0FQSQDO2nhiNmLvKKNEuQNTXlzDLzIczX_vWIht_MErN2lKaudY-U77oGj7XZmfv2Enkn1-obaS&sig=Cg0ArKJSzK4AoKWbC-FaEAE&id=lidar2&mcvt=1005&p=656,200,806,1400&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210806&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4209905856&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628393661274&rpt=268&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 03:34:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
pre.ads.justpremium.com/v/1.0/t/ Frame 7FB2 4 KB
4 KB 23ms
22ms Document
text/html 52.58.248.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/sync?
Requested by: Host: us.ads.justpremium.com
URL: https://us.ads.justpremium.com/adserve/js.php?zone=112331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.248.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-248-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d6aa7d362b83e1ef875329bf323b70f0d8632cdc8cbd5cc6bbf1245d1e1c2492

Request headers

:method: GET
:authority: pre.ads.justpremium.com
:scheme: https
:path: /v/1.0/t/sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://931elrey.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://931elrey.com/

Response headers

date: Sun, 08 Aug 2021 03:34:23 GMT
content-type: text/html; charset=utf-8
cache-control: public, no-cache, no-store, must-revalidate

GET
H2 200 / Show response
us.ads.justpremium.com/adserve/client/ Frame 5E60 5 KB
1 KB 38ms
37ms XHR
application/json 52.58.248.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ads.justpremium.com/adserve/client/?zone=112331&debug=1&ru=https%3A%2F%2F931elrey.com%2F&sw=1600&sh=1200&ww=1600&wh=1200&ui=r-25a2bd9e-1ec9-49ae-a489-55d5931edfc6-25489-837945438&tt=1628393663552&rid=r-15f1ef6c-551b-48f0-a81e-8f56a0a3b6f3-25489-837898334&eu=1&cs=
Requested by: Host: us.ads.justpremium.com
URL: https://us.ads.justpremium.com/adserve/js.php?zone=112331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.248.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-248-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3b73bbaeec2e12ad950761cf3183824ed71693eda95d06ea985ac4ca18858b33

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

access-control-allow-origin: https://931elrey.com
date: Sun, 08 Aug 2021 03:34:23 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@2.1.0/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@2.1.0
https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

4 KB
2 KB

13ms
13ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8480a1b8e619010528212d730e25bb56a4dcb1fd4ce589403d8cf8c10e894d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:34:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3211604
fly-request-id: 01F9J6C67JE64Y1WP2JP65WQW4
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"11c8-h8MN9BiDN1TuDYM8xSzz31D62dA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67b5b04dabd205bf-FRA

Redirect headers

date: Sun, 08 Aug 2021 03:34:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01F9J6DG5AT55A9D46CE12KRD9
server: cloudflare
age: 3211561
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.0/dist/web-vitals.umd.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 67b5b04d8bbb05bf-FRA
access-control-allow-origin: *

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ Frame E2AA 43 B
332 B 15ms
15ms Image
image/gif 18.193.17.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-15f1ef6c-551b-48f0-a81e-8f56a0a3b6f3-25489-837898334&sid=r-bd778f39-1871-400a-9242-3180ba16db8f-44676-3560696&uid=&vr=v2.29.408&ru=https%3A%2F%2F931elrey.com%2F&tt=1628393663599&siw=960&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=eu-central-1&sd=&_c=afhvbzd1628393663599&et=&aid=419356,419356,419356,419356,419358,419358,419358,419358,419359,419359,419359&said=1087290,1087291,1087292,1194891,1087298,1087300,1087299,1194895,1087302,1087303,1087304&ei=22368244%2C20254127%2C430430%2C1194891%2C22368246%2C430427%2C20254129%2C1194895%2C22368247%2C20254130%2C430429&fc=sa,sa,sa,sa,pu,pu,pu,pu,ca,ca,ca&sp=1,32,39,42,1,39,32,42,1,32,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=112331&dr=47&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22cls%22%3A%220.000%22%2C%22ph%22%3A3448%7D&ty=ex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.17.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-17-216.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 03:34:23 GMT
Last-Modified: Wed, 23 Jun 2021 07:56:00 GMT
Server: nginx
ETag: "60d2e910-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

POST
H2 200 / Show response
pre.ads.justpremium.com/v/1.0/t/singletag/ Frame 5E60 2 B
212 B 146ms
145ms XHR
application/json 52.58.248.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/singletag/?i=1628393663601
Requested by: Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.29.408/jpx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.248.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-248-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://931elrey.com
date: Sun, 08 Aug 2021 03:34:23 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ Frame E2AA 43 B
332 B 15ms
14ms Image
image/gif 18.193.17.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-15f1ef6c-551b-48f0-a81e-8f56a0a3b6f3-25489-837898334&sid=r-bd778f39-1871-400a-9242-3180ba16db8f-44676-3560696&uid=&vr=v2.29.408&ru=https%3A%2F%2F931elrey.com%2F&tt=1628393663662&siw=960&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=eu-central-1&sd=&_c=a2sccbq1628393663662&et=&aid=419356,419356,419356,419356,419358,419358,419358,419358,419359,419359,419359&said=1087290,1087291,1087292,1194891,1087298,1087300,1087299,1194895,1087302,1087303,1087304&ei=22368244%2C20254127%2C430430%2C1194891%2C22368246%2C430427%2C20254129%2C1194895%2C22368247%2C20254130%2C430429&fc=sa,sa,sa,sa,pu,pu,pu,pu,ca,ca,ca&sp=1,32,39,42,1,39,32,42,1,32,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=112331&dr=110&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A3448%7D&ty=adr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.17.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-17-216.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 03:34:23 GMT
Last-Modified: Wed, 23 Jun 2021 07:56:00 GMT
Server: nginx
ETag: "60d2e910-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

POST
H2 200 / Show response
pre.ads.justpremium.com/v/1.0/t/singletag/ Frame 5E60 2 B
212 B 145ms
144ms XHR
application/json 52.58.248.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/singletag/?i=1628393668860
Requested by: Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.29.408/jpx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.248.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-248-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://931elrey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://931elrey.com
date: Sun, 08 Aug 2021 03:34:28 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.931elrey.com/	1970-01-20 05:41:29	Name: __gads Value: ID=ba19161dc5a6076a-2238248499c80095:T=1628393661:S=ALNI_MZsTP3sPJVDJkF0NJvFp0wuWmJOKw
931elrey.com/	1969-12-31 23:59:59	Name: ntvSession Value: {}
.931elrey.com/	1970-01-19 20:19:53	Name: _gat_AllStationsTracker Value: 1
.931elrey.com/	1970-01-19 20:19:53	Name: _gat_TeachingTalkTracker Value: 1
.931elrey.com/	1970-01-19 20:19:53	Name: _gat Value: 1
.931elrey.com/	1970-01-19 22:29:29	Name: _fbp Value: fb.1.1628393661153.2094853797
.931elrey.com/	1970-01-19 20:21:20	Name: _gid Value: GA1.2.692982056.1628393661
.931elrey.com/	1970-01-20 13:51:05	Name: _ga Value: GA1.2.654959740.1628393661

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://simorigin.blob.core.windows.net/dist/static/js/2018a-2018ccm-2019nt~2021nt~promotions2020~radiohost2020~surround~tuition2020.3d148ec958d956af7961.js(Line 1) Message: No root component could be found matching the component name:
console-api	log	URL: https://simorigin.blob.core.windows.net/dist/static/js/2018a-2018ccm-2019nt~2021nt~promotions2020~radiohost2020~surround~tuition2020.3d148ec958d956af7961.js(Line 1) Message: No root component could be found matching the component name:
console-api	log	URL: https://salemlivechat.com/scripts/invitation.ashx?company=krypfm(Line 1) Message: Exceptional Case: No Cookie, No Web Storage Supported/Enabled on Browser!!!!
console-api	warning	URL: https://salemlivechat.com/scripts/invitation.ashx?company=krypfm(Line 4) Message: Invalid company specified.
console-api	log	URL: https://content.cdn.targetspot.com/content/act/beacon/_ts2.js(Line 3) Message: Targetspot Cookie loaded
console-api	log	URL: https://content.cdn.targetspot.com/content/act/beacon/tsKrux3.js(Line 1) Message: Deploying Krux
console-api	log	URL: https://cdn.justpremium.com/js/v2.29.408/jpx.js(Line 1) Message: %c(00:02:251.50)%cJAdManager: version v2.29.408 initialized padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.29.408/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.29.408/jpx.js:1:215665)
console-api	log	URL: https://content.cdn.targetspot.com/content/act/beacon/tsKrux3.js(Line 3) Message: Getting Krux Segments
console-api	log	URL: https://content.cdn.targetspot.com/content/act/beacon/tsKrux3.js(Line 10) Message: Krux User:
console-api	log	URL: https://content.cdn.targetspot.com/content/act/beacon/tsKrux3.js(Line 12) Message: Krux Segments:
console-api	log	URL: https://cdn.justpremium.com/js/v2.29.408/jpx.js(Line 1) Message: %c(00:04:389.20)%cJQueue: No ad to run padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.29.408/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.29.408/jpx.js:1:80637)
console-api	log	URL: https://cdn.justpremium.com/js/v2.29.408/jpx.js(Line 1) Message: %c(00:09:646.40)%cJQueue: No ad to run padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.29.408/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.29.408/jpx.js:1:80637)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: .sim-cms.net http://sdk.listenlive.co http://.streamtheworld.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https: http://cdn.saleminteractivemedia.com; media-src 'self' blob: data: https: http://.streamtheworld.com; worker-src blob: .sim-cms.net 'self'; font-src data: https://* 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2cba7a9c601b81f842461921dbfe8bb1.safeframe.googlesyndication.com
931elrey.com
aa.agkn.com
adservice.google.com
adservice.google.de
bcp.crwdcntrl.net
campaign.aptivada.com
cdn.jsdelivr.net
cdn.justpremium.com
cdn.krxd.net
cdn.saleminteractivemedia.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
content.cdn.targetspot.com
d.agkn.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
jadserve.postrelease.com
loadm.exelator.com
maxcdn.bootstrapcdn.com
node.targetspot.com
nodeeu.targetspot.com
np.tritondigital.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
pre.ads.justpremium.com
s.ntv.io
salemlivechat.com
securepubads.g.doubleclick.net
simorigin.blob.core.windows.net
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
tpc.googlesyndication.com
tracking.justpremium.com
um.simpli.fi
unpkg.com
us-u.openx.net
us.ads.justpremium.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
104.111.215.191
13.224.96.76
13.224.96.92
13.32.123.5
142.250.184.194
142.250.185.226
151.101.14.133
169.50.137.176
169.50.137.179
169.50.137.190
18.193.17.216
18.198.69.109
185.94.180.125
2.18.234.163
205.185.216.42
208.92.55.26
216.58.212.162
2600:1901:0:8eee::
2600:1f18:612b:4200:3aa:8894:1069:c551
2606:4700:20::681a:3b3
2606:4700:20::ac43:49d1
2606:4700::6810:7aaf
2606:4700::6812:bcf
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
2a0b:4d07:102::1
3.120.52.200
31.12.68.105
31.12.71.114
35.227.248.159
35.244.159.8
35.244.174.68
37.252.172.38
52.22.84.205
52.239.154.36
52.30.140.199
52.58.248.241
52.59.79.213
54.146.124.230
69.173.144.165
72.251.249.9
04829856ffedd79d2eb3ae2ce6190c6af84e4f09a89612418e9a4c60cccfb24b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
123ed0cce1f14220b8ad50095f1532aab11483a2be38b74d4f7fb221789eb4ce
1387c8b1c9454d2bebe1ca54225ec54a396d05ffd38a716ceb64e6a58409d7aa
14917314d4db40117cb83e5341762a9dc4c427957e2fd342d07cbe165819fc16
1bdffab914ab35eced15a12b97ec8aa3fe7233f5fc0fac8723c8a5dca8d256c1
1e8e7874dea32de8193fa5d1279e90733ea0b98ef78f484989c520522cf6f06e
22a4dd30fc69ecf0e04233e86f56398bb310fa5fae3eb04fbe6acded35540bd3
267276cf7037be23242b32c121b2475b657f4203900e5f063363c35eadac3975
278e707675bea29729953cf6872cc72f51e2cb9a1aa257c5661e6a5a26d47e2b
27b65ea8c6cceebb6e32225e0dacd973a6358953d5c3b55841a685eb0a12d055
2942de285db206aa1f7d2a58829e698f419668f3bebd44aa837537ec4f847962
2eb513fa663a154c7860659d511b87bbc5a962b00b0c910e7826b73a2f93863f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642
3b73bbaeec2e12ad950761cf3183824ed71693eda95d06ea985ac4ca18858b33
3c667fd8592fe5a897153b16c9043fc60cf5f25691b717f4337381cf32cb8858
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41d1be74cb3aec457316d99eb377ed161e1021ef59ced2a5d4c707c5871396da
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47ebd3b5cf4fecacc0dc547767abd6dd6e50079f32e5bb2cfd1a978aac3d44b2
4b4c6bb82a815f3fee23c04705c90cd4486a789d316903960a1b0275f7e6eea5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
532cef99cbd13f128761271ae602b8ffd903c081080181a6b7e642880871c94f
53a17bcd072e99e64350790151e71b15af0be7ad7ec16d18d7bf8d84f461011d
598b1b0dd685aa16a2ceec97499b1973b030a7c498d367ff98a7c732fd7c3d32
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
6420376eb65b3ff584d1242daf86334c85a37ce98e529e6340a842612faf8a56
6568273e9d257a19332421d7a519b3ae0f8a564e76aca9f603e848521f341db7
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d34b7c87a0fb79708d3f672f48dd9e2dd8c5d7244927c30e14fed0d117b7fa5
6db3eb1494aa0a0e4c95ae4a7bd01a41177f2d1d8c4480be825b186bbe766b4d
6ff0460e85b4d4ba1f4734d658c6858187e2f56d6157e79d4b4afaf43a852844
75e7fd50ddda324d779626d3bca8c85c5a62569ab87972795f473a814bad49be
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b941c805f98d27de3c33154d84033ba9865e3f241cd0b150ef42edd1843d571
7fa0051e51b760e43f5d7342db0fbaa4c5b74aecafab393323e6763a213bd6ec
808bc59a090192405773b8240b08316833c8a4039ea47c0ac3c7f1ef191216c7
81d1dd900aaa2149d2349c9fc69939e68ed69fe4ce808563565d492a779d9547
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
8480a1b8e619010528212d730e25bb56a4dcb1fd4ce589403d8cf8c10e894d06
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89dea1d1850ddef639a17ee3eca1f0c2b803b18f0439148d975e8c9fcdc781a1
8c007e748e664df1d5bbb06b94d29fbf7013fad64628494d2f5b5b1fe30a3078
8e6a2d1bd8e2d064c2a4fda6cf9b91368d53448a8db00ec8f336419ce40dc1fb
98673748465dcf724a8cc37d8a11a95b7a77543d46a5dc8b195c8b2832c29fc6
9ef806f7f1a984747ed95c127a4bcecd083ac8b8c88f8007c7535675a196ae20
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d5455e45854fb283989af0ccb252db63003b08d9c07df9e645a5f387160b18
a36ffb842999697b16eed34b792f2ff03889132b1425b697194145cad8ca27d7
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a68bb88cb8ab82781248447ef4bcebf56473589faf539348d35298b9e3d2727a
a70de6f7df22a25af4454d6d4add49c946e6200ce6bf9749821c4bbe1158c115
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad39c6a1b09e253bd1b3a9e89ec01e9e5016648d3b47a7f5f0b93ae52e69d811
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b274ecb390dca4ade5d9cb21fb8c31e4b0190df32b54a583c7fdc30a110436b8
b28e278925b8d63b4572f6b5af39d59b182704f56d89e3409ed0cae78cbe4dac
b5a1c8b0ac1fd44b0b494bd51cbf0d303410e4ae2d7827b1059d9013e673dc7b
b601fe423901df44868501064e95dccff6dfa8cca74eba11251776c9fcbb3d52
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7bd13a245729dab7cc7ace97ba3c607cb93da725ed88220e7aaf4872a3361f8
bdeb7ae02419fe749290dd6e6b3bfa9776f0382087e2261ef03a6849a49b0906
bee03ff2d8109861f8ef2a448b8c841538e03d83cd52a1cf9129d2f4d2f676e7
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ca5aa3ff7aa55254c3f56ccae0499832b4ec1ef96e9fcc400f7f453a40a30b46
cb6398d11781b7d918cde5be73b6772075a0d9e0742b083e5d3f8b6f33d81181
cf28ab665f8ba85712268ec185095c92de340a2be2697db60898b34814860acc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d133cc9352b2595cfa5c57bd7b7ce6acff168e5d0c3c3eef317991785424b20d
d3722344dc2b0b07af6a39d0594966bede1a0dbdf0e524795cc6aaab2a6e2845
d6aa7d362b83e1ef875329bf323b70f0d8632cdc8cbd5cc6bbf1245d1e1c2492
dc22c35c6c8437f0abd22b774896550ce729d505e7959831f67325d98bbe9976
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fa83699450c75b020380ba5266e17bc2a8a687dcada9236f95293598cacf
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8131429fa1cca4e679a6792f1b8168da3493fe8daa272baba01f54dacbfb2df
e91e97f32c3d1deb87a6673c372437d179c6c8256ebcbc4db8722e6abdef52d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f020e9b583b1a2feeea43f031be2fe9dfca3070b5c9830f2fb8a2fe326e4a1fa
f482187956d08a02a6cdf3a1f28ed89218b010ea9eb9f7648effca6a24f89115
f6e15ccb85feb07755c78f0cb86fe9a3cc1b3dd67c379b6a6cc63fa6bf5b2b1a
f85aea20f7e0b7880e8b689cbe76f581ca92b81eee820ddedcd2f63891762f89
fbc32b9225adecd1264332d7cfae20e1f76eae111dc980dc3a41cdeaba663fed

931elrey.com Open in urlscan Pro 2606:4700:20::681a:3b3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

164 Requests

93 %HTTPS

44 %IPv6

42 Domains

57 Subdomains

51 IPs

7 Countries

2660 kBTransfer

5420 kBSize

8 Cookies

14 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

931elrey.com Open in urlscan Pro
2606:4700:20::681a:3b3 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

93 %
HTTPS

44 %
IPv6

42
Domains

57
Subdomains

51
IPs

7
Countries

2660 kB
Transfer

5420 kB
Size

8
Cookies

164 HTTP transactions
-1 data transactions