urlscan.io logo urlscan.io
SecurityTrails logo

www.expreso.ec Open in urlscan Pro
151.101.130.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.expreso.ec/
Effective URL: https://www.expreso.ec/
Submission: On October 24 via api from QA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 9 countries across 36 domains to perform 111 HTTP transactions. The main IP is 151.101.130.133, located in United States and belongs to FASTLY, US. The main domain is www.expreso.ec.
TLS certificate: Issued by R3 on October 17th 2021. Valid for: 3 months.
This is the only time www.expreso.ec was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 151.101.130.133 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 172.217.23.98 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 199.232.136.157 54113 (FASTLY)
1 142.250.184.194 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.97.58 16509 (AMAZON-02)
1 3.129.250.65 16509 (AMAZON-02)
1 18.66.112.71 16509 (AMAZON-02)
1 3.17.33.216 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.244.42.69 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 200.32.12.162 7303 (Telecom A...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 64.227.27.145 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.15.107.106 16509 (AMAZON-02)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2 3.127.92.82 16509 (AMAZON-02)
6 142.250.185.130 15169 (GOOGLE)
1 1 169.50.137.190 36351 (SOFTLAYER)
2 2 37.157.4.25 198622 (ADFORM)
2 2 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 52.203.215.67 14618 (AMAZON-AES)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 34.204.114.16 14618 (AMAZON-AES)
1 52.72.73.135 14618 (AMAZON-AES)
1 213.19.147.42 26120 (RHYTHMONE)
1 185.33.223.178 29990 (ASN-APPNEX)
111 43
13    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
www.expreso.ec
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    199.232.136.157 (United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    18.66.97.58 (United States)

ASN16509 (AMAZON-02, US)
d31qbv1cthcecs.cloudfront.net
1    3.129.250.65 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
1    18.66.112.71 (United States)

ASN16509 (AMAZON-02, US)
certify.alexametrics.com
1    3.17.33.216 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-33-216.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
2    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    200.32.12.162 (Argentina)

ASN7303 (Telecom Argentina S.A., AR)
PTR: lvi-kmmail.lavozdelinterior.net
libs.lavoz.com.ar
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
3    64.227.27.145 (Jacksonville, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
adserver.latinon.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2600:9000:223c:5000:18:e253:91c0:21 (United States)

ASN16509 (AMAZON-02, US)
dkae4asr0dphj.cloudfront.net
1    2606:4700::6810:9f11 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.engine.4dsply.com
1    52.15.107.106 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-107-106.us-east-2.compute.amazonaws.com
capi.connatix.com
8    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
7    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    3.127.92.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-92-82.eu-central-1.compute.amazonaws.com
pm.w55c.net
6    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.203.215.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-215-67.compute-1.amazonaws.com
suscripcion.expreso.ec
3    2a02:26f0:6c00:28a::2c79 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
vast.aniview.com
player.aniview.com
2    34.204.114.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-114-16.compute-1.amazonaws.com
track1.aniview.com
1    52.72.73.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-73-135.compute-1.amazonaws.com
gov.aniview.com
1    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    185.33.223.178 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
Apex Domain
Subdomains		 Transfer
19 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
199 KB
17 googlesyndication.com
9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
94 KB
14 expreso.ec
www.expreso.ec
suscripcion.expreso.ec
286 KB
6 aniview.com
vast.aniview.com
player.aniview.com
track1.aniview.com
gov.aniview.com
199 KB
6 google.com
www.google.com
adservice.google.com
2 KB
5 gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
95 KB
4 google.de
www.google.de
adservice.google.de
1 KB
3 latinon.com
adserver.latinon.com
9 KB
3 facebook.com
www.facebook.com
561 B
3 cloudfront.net
d31qbv1cthcecs.cloudfront.net
dkae4asr0dphj.cloudfront.net
27 KB
3 onesignal.com
cdn.onesignal.com
onesignal.com
73 KB
3 facebook.net
connect.facebook.net
201 KB
3 google-analytics.com
www.google-analytics.com
20 KB
3 googletagservices.com
www.googletagservices.com
101 KB
2 pubmatic.com
image6.pubmatic.com
1 KB
2 adform.net
c1.adform.net
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 t.co
t.co
590 B
2 cloudflare.com
cdnjs.cloudflare.com
24 KB
1 adnxs.com
ib.adnxs.com
736 B
1 1rx.io
tag.1rx.io
170 B
1 rubiconproject.com
pixel.rubiconproject.com
461 B
1 simpli.fi
um.simpli.fi
713 B
1 connatix.com
cd.connatix.com Failed
capi.connatix.com
139 B
1 4dsply.com
cdn.engine.4dsply.com
64 KB
1 youtube.com
www.youtube.com
1 lavoz.com.ar
libs.lavoz.com.ar
254 KB
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com
552 B
1 vidoomy.com
ads.vidoomy.com
7 KB
1 googleadservices.com
www.googleadservices.com
15 KB
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 googletagmanager.com
www.googletagmanager.com
64 KB
1 ampproject.org
cdn.ampproject.org
9 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
111 36
Domain Requested by
13 www.expreso.ec 1 redirects www.expreso.ec
10 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.expreso.ec
8 tpc.googlesyndication.com 1 redirects 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 pagead2.googlesyndication.com 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 cm.g.doubleclick.net www.expreso.ec
9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
5 www.google.com www.expreso.ec
9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 encrypted-tbn1.gstatic.com 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
3 adserver.latinon.com www.expreso.ec
adserver.latinon.com
3 www.facebook.com www.expreso.ec
3 www.google.de www.expreso.ec
3 connect.facebook.net www.expreso.ec
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagservices.com www.expreso.ec
securepubads.g.doubleclick.net
9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
2 track1.aniview.com
2 player.aniview.com dkae4asr0dphj.cloudfront.net
player.aniview.com
2 image6.pubmatic.com 2 redirects
2 c1.adform.net 2 redirects
2 pm.w55c.net 2 redirects
2 dkae4asr0dphj.cloudfront.net www.expreso.ec
2 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.google-analytics.com
2 t.co www.expreso.ec
2 cdn.onesignal.com www.googletagmanager.com
cdn.onesignal.com
2 cdnjs.cloudflare.com www.googletagmanager.com
1 ib.adnxs.com player.aniview.com
1 tag.1rx.io player.aniview.com
1 gov.aniview.com player.aniview.com
1 vast.aniview.com dkae4asr0dphj.cloudfront.net
1 suscripcion.expreso.ec libs.lavoz.com.ar
1 pixel.rubiconproject.com 1 redirects
1 um.simpli.fi 1 redirects
1 encrypted-tbn3.gstatic.com 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
1 www.gstatic.com 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
1 capi.connatix.com www.expreso.ec
1 cdn.engine.4dsply.com www.expreso.ec
1 www.youtube.com www.expreso.ec
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 libs.lavoz.com.ar www.expreso.ec
1 onesignal.com cdn.onesignal.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 cdn.jsdelivr.net www.googletagmanager.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.expreso.ec
1 certify.alexametrics.com www.expreso.ec
1 ads.vidoomy.com www.googletagmanager.com
1 d31qbv1cthcecs.cloudfront.net www.expreso.ec
1 www.googleadservices.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.googletagmanager.com www.expreso.ec
1 cdn.ampproject.org www.expreso.ec
0 google2waycm.netmng.com Failed 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
0 cd.connatix.com Failed www.expreso.ec
111 52

This site contains no links.

Subject Issuer Validity Valid
*.expreso.ec
R3		 2021-10-17 -
2022-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-02 -
2021-10-31		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.lavoz.com.ar
Go Daddy Secure Certificate Authority - G2		 2020-08-10 -
2022-08-31		 2 years crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
adserver.latinon.com
R3		 2021-09-22 -
2021-12-21		 3 months crt.sh
4dsply.com
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
suscripcion.expreso.ec
Go Daddy Secure Certificate Authority - G2		 2021-02-19 -
2022-03-23		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh

This page contains 9 frames:

Primary Page: https://www.expreso.ec/
Frame ID: 69A29280F547767D08E0F90E61DE6CBA
Requests: 80 HTTP requests in this frame

Frame: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 51852B950F1A9702E4236D2E6F427C90
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UmT1LW87VIQ
Frame ID: 6E220DFD945B862E637C329D18D0876E
Requests: 1 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.player.js
Frame ID: 6F7E46DE4BBB8A1E99EEDB19A30C6E11
Requests: 1 HTTP requests in this frame

Frame: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CCA7F807CDF131925FA16E0C9F2642FE
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4311358F935AC12C8CB49070D41DB48E
Requests: 9 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Frame ID: 7630FA694D1CEDAC8D936D04B70FA302
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E2AE6880A7F675DB48F3711FBA7889CD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D77933188072A08AEAF3F68284E24F4E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.expreso.ec/ HTTP 301
    https://www.expreso.ec/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

111
Requests

97 %
HTTPS

51 %
IPv6

36
Domains

52
Subdomains

43
IPs

9
Countries

1754 kB
Transfer

4810 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.expreso.ec/ HTTP 301
    https://www.expreso.ec/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2uqP8AEQsAkYrAIyCAFSrTQHlPPi HTTP 301
  • https://tpc.googlesyndication.com/simgad/9074747796639100022
Request Chain 83
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECIf8M4NcnIcUi24sRAOmHg&google_cver=1&google_push=AYg5qPI0Uor7ckN377o7U_o-CECyi7cBuCcpvpHKLrar6tF0xnBVqJ9gr4W84syWhqD9vB7xZ1SlDqkEYuwA2AmD0-UQG4dUn5Kf HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECIf8M4NcnIcUi24sRAOmHg&google_cver=1&google_push=AYg5qPI0Uor7ckN377o7U_o-CECyi7cBuCcpvpHKLrar6tF0xnBVqJ9gr4W84syWhqD9vB7xZ1SlDqkEYuwA2AmD0-UQG4dUn5Kf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZHByV2xJcGYxTUVzU201&google_gid=CAESECIf8M4NcnIcUi24sRAOmHg&google_cver=1&google_push=AYg5qPI0Uor7ckN377o7U_o-CECyi7cBuCcpvpHKLrar6tF0xnBVqJ9gr4W84syWhqD9vB7xZ1SlDqkEYuwA2AmD0-UQG4dUn5Kf
Request Chain 84
  • https://um.simpli.fi/gp_match?google_gid=CAESEDJPx3I-V1izDWiZldEFkbg&google_cver=1&google_push=AYg5qPJxGFqgtfD29bnmJ7g3Tu7bX5nRLBbO6WHu6dHEYI1VxJop93wJgwwlbjLDKTHW-5Zmwe18mfF6IaGxccO_uC4x5vaS-q4U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=85CFCA6079FA4BE88D34881CEAC29005&google_push=AYg5qPJxGFqgtfD29bnmJ7g3Tu7bX5nRLBbO6WHu6dHEYI1VxJop93wJgwwlbjLDKTHW-5Zmwe18mfF6IaGxccO_uC4x5vaS-q4U
Request Chain 85
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPHyxKG8ZqgG4LaPz0ZIDtI&google_cver=1&google_push=AYg5qPL233ledL07BejiK89nZaya5oExuooV9rLsnYHMSZxG72sUxnY9PPeXx_7DU3vhIfS9DoumfKCy0B5P-QXbb3Kjxo1akHUM HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPHyxKG8ZqgG4LaPz0ZIDtI&google_cver=1&google_push=AYg5qPL233ledL07BejiK89nZaya5oExuooV9rLsnYHMSZxG72sUxnY9PPeXx_7DU3vhIfS9DoumfKCy0B5P-QXbb3Kjxo1akHUM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2Njk5ODE3NzM0MzMxODE0OQ&google_push=AYg5qPL233ledL07BejiK89nZaya5oExuooV9rLsnYHMSZxG72sUxnY9PPeXx_7DU3vhIfS9DoumfKCy0B5P-QXbb3Kjxo1akHUM
Request Chain 86
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKes_HDIcTB_3VgM2McxLb4&google_cver=1&google_push=AYg5qPLqxHOTOz_qWYd2Px_ZhG3uTyrBIXKgbwe0RFgDpzQkQ9QfkqAlGEM4QtVhOdSZIJ_0hQQisEUyIQmbV8nluBwgkBKxmvog HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKes_HDIcTB_3VgM2McxLb4&google_cver=1&google_push=AYg5qPLqxHOTOz_qWYd2Px_ZhG3uTyrBIXKgbwe0RFgDpzQkQ9QfkqAlGEM4QtVhOdSZIJ_0hQQisEUyIQmbV8nluBwgkBKxmvog&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HK9LTfAvQ2W5Xd6Ba0N0Ow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLqxHOTOz_qWYd2Px_ZhG3uTyrBIXKgbwe0RFgDpzQkQ9QfkqAlGEM4QtVhOdSZIJ_0hQQisEUyIQmbV8nluBwgkBKxmvog
Request Chain 87
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBuVfU7kHHfVGicUThRZE3k&google_cver=1&google_push=AYg5qPJuZO6ZjbE9pAK6yCEW7h1CDv_80F85jcpDoRPkmV3XzrquvUW-tSmBAZFsraQOh-FTfxED7t62Y6PDHxZ2Eb6hNGsOrbHw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TDhUTUctMVMtS0kxSQ==&google_push=AYg5qPJuZO6ZjbE9pAK6yCEW7h1CDv_80F85jcpDoRPkmV3XzrquvUW-tSmBAZFsraQOh-FTfxED7t62Y6PDHxZ2Eb6hNGsOrbHw
Request Chain 88
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_cver=1&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.expreso.ec/
Redirect Chain
  • http://www.expreso.ec/
  • https://www.expreso.ec/
169 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.expreso.ec/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7375d14e433da294fb0419ec5a46d63b5531dfede361bac0fea236929e65b055

Request headers

:method
GET
:authority
www.expreso.ec
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 24 Oct 2021 02:04:40 GMT
age
295797
vary
Accept-Encoding
cache-control
max-age=3600, public
content-encoding
br
accept-ranges
none

Redirect headers

Retry-After
0
Location
https://www.expreso.ec/
Content-Length
0
Accept-Ranges
bytes
Date
Sun, 24 Oct 2021 02:04:40 GMT
Connection
close
x-compress-hint
on
Cache-Control
max-age=3600, public
913e313.css
www.expreso.ec/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.expreso.ec/css/913e313.css?1634744243
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fca1cdb930301c50484f28f340d2a4f32cfb37cb1e64ed6502c25e8b7fdca6bd

Request headers

:path
/css/913e313.css?1634744243
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.expreso.ec
referer
https://www.expreso.ec/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:40 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 15:38:43 GMT
age
295794
etag
"61703803-3395"
vary
accept-encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
none
c982dc0.css
www.expreso.ec/css/ 		110 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.expreso.ec/css/c982dc0.css?1634744243
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
626a4762413f8f79b2190fbec7c91aff486b776802c089a752dcdacc05dffdf5

Request headers

:path
/css/c982dc0.css?1634744243
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.expreso.ec
referer
https://www.expreso.ec/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:40 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 15:38:45 GMT
age
295758
etag
"61703805-1b677"
vary
accept-encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
none
categories-colors.css
www.expreso.ec/assets/css/ 		5 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.expreso.ec/assets/css/categories-colors.css?d=1618852721
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
117178769f0f7029c36077906786f3465f897be6fef61af90da8e53577b5622f

Request headers

:path
/assets/css/categories-colors.css?d=1618852721
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.expreso.ec
referer
https://www.expreso.ec/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:40 GMT
cache-control
max-age=31536000, public
age
295794
accept-ranges
none
content-encoding
br
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8bff5a27090405fb51a060edccbda9b657d4ba158d41df502ada744a346b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1023 / 271 of 1000 / last-modified: 1634854038"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 02:04:40 GMT
pages.js
www.expreso.ec/advertisement/ 		27 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.expreso.ec/advertisement/pages.js
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3ea49b3bdd2d1b92e250538e82ab9d24d6edc5e660d544fe489e125490daf9a2

Request headers

:path
/advertisement/pages.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.expreso.ec
referer
https://www.expreso.ec/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:40 GMT
cache-control
max-age=31536000, public
age
295795
accept-ranges
none
content-encoding
br
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
amp-iframe-0.1.js
cdn.ampproject.org/v0/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d47e1e9731efe05b249ed238fef1df90c716ee960f6889ed462d9def49c6c7bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8386
x-xss-protection
0
server
sffe
date
Sun, 24 Oct 2021 02:04:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"709bb4ba6e9ebfa3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Oct 2021 02:04:41 GMT
Logo-expreso.png
www.expreso.ec/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.expreso.ec/images/Logo-expreso.png
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
389a411db19283b72c3c5b264d837e88024ba013f88dd3dac7d192cc6db22f0d

Request headers

:path
/images/Logo-expreso.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.expreso.ec
referer
https://www.expreso.ec/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:40 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 15:32:16 GMT
age
295796
etag
"61703680-1324"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
none
logo-club.png
www.expreso.ec/images/ 		11 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.expreso.ec/images/logo-club.png
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a62113caa7c0fd1c93f276283df4387869c57203ee4f11e031e642b73def024

Request headers

:path
/images/logo-club.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.expreso.ec
referer
https://www.expreso.ec/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:40 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 15:32:16 GMT
age
295796
etag
"61703680-2a30"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
none
gtm.js
www.googletagmanager.com/ 		186 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBN9NK8
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2fad09e3a47e1116b65ea2355e1a14ee813b131b7cab0c62b84c61b634a3e874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
65392
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Oct 2021 02:04:41 GMT
fa-brands-400.woff2
www.expreso.ec/css/fonts/fontawesome/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.expreso.ec/css/fonts/fontawesome/fa-brands-400.woff2
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/css/c982dc0.css?1634744243
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Request headers

:path
/css/fonts/fontawesome/fa-brands-400.woff2
pragma
no-cache
origin
https://www.expreso.ec
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.expreso.ec
referer
https://www.expreso.ec/css/c982dc0.css?1634744243
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.expreso.ec/css/c982dc0.css?1634744243
Origin
https://www.expreso.ec
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 15:32:16 GMT
age
295796
etag
"61703680-119b0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=31536000, public
accept-ranges
none
fa-solid-900.woff2
www.expreso.ec/css/fonts/fontawesome/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.expreso.ec/css/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/css/c982dc0.css?1634744243
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

:path
/css/fonts/fontawesome/fa-solid-900.woff2
pragma
no-cache
origin
https://www.expreso.ec
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.expreso.ec
referer
https://www.expreso.ec/css/c982dc0.css?1634744243
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.expreso.ec/css/c982dc0.css?1634744243
Origin
https://www.expreso.ec
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 15:32:16 GMT
age
295797
etag
"61703680-1226c"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=31536000, public
accept-ranges
none
pubads_impl_2021101301.js
securepubads.g.doubleclick.net/gpt/ 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
266978a0c185ca652129a3cb432e9c95aa61662873aaf8466ee7fc1636bb2c9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
124656
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 20:34:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 02:04:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		182 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.expreso.ec
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
027b2e797eff92e89a3f8ee4223124f21ca241230399410046a37f5dcbdaccef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
118
x-xss-protection
0
expires
Sun, 24 Oct 2021 02:04:41 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.13.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.13.0/js/md5.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBN9NK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa50e92f12976b59733e3279bdb58b0d66f1b874fc77f45e1f813a7410d14680
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15388698
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1315
cf-request-id
09bc672b1b0000dfc37d88e000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-ec2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcMY1nMz3En%2FIBo3dBJgOzpy%2FgrHuQO3MlhFpAu1QPMjKDxyJobFI0aiS4n%2Fx9LyshNSQgEKAA6HwbRwuYw01xch2Pap80NtW8eCBux%2FjGOtiv5eam6WFumOcDr%2F5sGGaXozO84RVSn623Ak4gL4gAsp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a2fa2c4e9034eb5-FRA
expires
Fri, 14 Oct 2022 02:04:41 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBN9NK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
247
date
Sun, 24 Oct 2021 02:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sun, 24 Oct 2021 04:00:34 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBN9NK8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra
DE-HE
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kcgs7200142-IAD, cache-hhn11531-HHN
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBN9NK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14430
x-xss-protection
0
server
cafe
etag
16924264664223707549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 02:04:41 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
GsZ3lS05NqKnIjG5wv5G4eCJVdRcTt+BOm78CkJfWOMUleU30IzMDY5ldfSuYTpyNzDKG70gAzm2Fk9l54LWsg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 24 Oct 2021 02:04:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBN9NK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1364
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a2fa2c4fb77695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 27 Oct 2021 02:04:41 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
15494235
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P2
X-Amz-Cf-Id
2KimYyA2GEHIcg8tbsGRScztqZiCeXkR6MlJKWqfD_aJ0o8D9kBb9w==
expreso_663.js
ads.vidoomy.com/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/expreso_663.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBN9NK8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
5bea7d0cce7b62a7face177e0384769971a5b0fdc90a77102e2d411a6a2b7701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:04:41 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
6894
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Noticias%20Ecuador%20y%20el%20Mundo%20%7C%20Expreso&time=1635041081145&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.expreso.ec%2F&random_number=13604931312&sess_cookie=3a72df4617cb00af738342ac984&sess_cookie_flag=1&user_cookie=3a72df4617cb00af738342ac984&user_cookie_flag=1&dynamic=true&domain=expreso.ec&account=mXX3n1aMp4100k&jsv=20130128&user_lang=en-US
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 02:07:26 GMT
Via
1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
86606
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA56-P5
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
O2uh5205ZPrDW4GQUqNKqd30lBlbZuz__Qpn2F9d5sAAnDLQL0mPsQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.17.33.216 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-17-33-216.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
server
Server
267979857095800
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/267979857095800?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55fa45f18a96a6d398ab5e28677022fc1a1d92471ec6c4cce5d433c81a50574b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
eIcUK0s1MqWfekS0oE+rkC5okJLzY6+x7eVuUHq7iNR0vBzWr/6iSCyqrF29Z/ry97edQp5UZA8YoS33eedo5Q==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 24 Oct 2021 02:04:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@rc/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBN9NK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b92ba8d4314393d3c729cf94c12b65a1db2a41fb676b252f060f8eafdd2efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
26756
x-jsd-version
3.0.0-rc.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19123-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"695-pXILqyxk6ej3gkrdagCqNfKaZZQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a2fa2c569554e55-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991433252/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991433252/?random=1635041081164&cv=9&fst=1635041081164&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.expreso.ec%2F&tiba=Noticias%20Ecuador%20y%20el%20Mundo%20%7C%20Expreso&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e732f9454a9dbd0d564bc55cfd71ba736ee69ec74fb731ec27a3748fa1e22260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1017
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1445859696&t=pageview&_s=1&dl=https%3A%2F%2Fwww.expreso.ec%2F&ul=en-us&de=UTF-8&dt=Noticias%20Ecuador%20y%20el%20Mundo%20%7C%20Expreso&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1166916566&gjid=1044753755&cid=370893537.1635041081&tid=UA-6579768-2&_gid=2020917274.1635041081&_r=1&gtm=2wgak0TBN9NK8&z=13088937
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.expreso.ec/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.expreso.ec
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1445859696&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.expreso.ec%2F&ul=en-us&de=UTF-8&dt=Noticias%20Ecuador%20y%20el%20Mundo%20%7C%20Expreso&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Registro&ea=Tipo&_u=YEDAAEABAAAAAC~&jid=1232818270&gjid=1061451476&cid=370893537.1635041081&tid=UA-6579768-39&_gid=2020917274.1635041081&_r=1&gtm=2wgak0TBN9NK8&z=2001821777
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.expreso.ec/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.expreso.ec
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1252
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a2fa2c56c28695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 27 Oct 2021 02:04:41 GMT
adsct
t.co/i/ 		43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nzu7u&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=71d237cb-80b7-4ae3-8df5-d9db348fa22f&tw_document_href=https%3A%2F%2Fwww.expreso.ec%2F
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
112
pragma
no-cache
last-modified
Sun, 24 Oct 2021 02:04:41 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f507fb0f13f09e21675024a81cbeb98ee678aaa8c7df4d48221436ad5dc89e02
x-transaction
91d20491dbec87f7
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nzu7u&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=763481ed-93d2-4f9c-b690-0bda327ffc85&tw_document_href=https%3A%2F%2Fwww.expreso.ec%2F
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
112
pragma
no-cache
last-modified
Sun, 24 Oct 2021 02:04:41 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f507fb0f13f09e21675024a81cbeb98ee678aaa8c7df4d48221436ad5dc89e02
x-transaction
8a3511e518a6a565
expires
Tue, 31 Mar 1981 05:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-6579768-2&cid=370893537.1635041081&jid=1166916566&gjid=1044753755&_gid=2020917274.1635041081&_u=YEBAAEAAAAAAAC~&z=2050575619
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.expreso.ec/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 24 Oct 2021 02:04:41 GMT
content-type
text/plain
access-control-allow-origin
https://www.expreso.ec
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-6579768-39&cid=370893537.1635041081&jid=1232818270&gjid=1061451476&_gid=2020917274.1635041081&_u=YEDAAEABAAAAAC~&z=860272523
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.expreso.ec/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 24 Oct 2021 02:04:41 GMT
content-type
text/plain
access-control-allow-origin
https://www.expreso.ec
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/991433252/ 		42 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/991433252/?random=1635041081164&cv=9&fst=1635040800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&frm=0&url=https%3A%2F%2Fwww.expreso.ec%2F&tiba=Noticias%20Ecuador%20y%20el%20Mundo%20%7C%20Expreso&async=1&fmt=3&is_vtc=1&random=509378604&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/991433252/ 		42 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/991433252/?random=1635041081164&cv=9&fst=1635040800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&frm=0&url=https%3A%2F%2Fwww.expreso.ec%2F&tiba=Noticias%20Ecuador%20y%20el%20Mundo%20%7C%20Expreso&async=1&fmt=3&is_vtc=1&random=509378604&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/c9187a9d-8117-467f-89bc-dbfd0be8855a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/c9187a9d-8117-467f-89bc-dbfd0be8855a/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb90db0e742f24e36aeb706c63a5e1bbf909aa7b6f47a89b08109946e79e4bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2365
cf-polished
origSize=4955
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6cce4ecd-b91b-463b-8f01-048bbf6c1fb0
x-runtime
0.141485
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8abafa82ed8483b50de117ffff5f8a45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6a2fa2c5bc86695b-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 24 Oct 2021 03:04:41 GMT
584561239339248
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/584561239339248?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eebfca4ee513c692caadaeafbc06c917b5b8b7051d455defcccf9955021f2faf
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
h6mpJpM52FHxpfD91R8lKjojkUDrBF6/dC3B41eEBPlxADphECHaAArCGZXiV1hnGkuhC+KWxKcUBgPGFRF+fw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 24 Oct 2021 02:04:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=267979857095800&ev=PageView&dl=https%3A%2F%2Fwww.expreso.ec%2F&rl=&if=false&ts=1635041081266&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1635041081265.107714352&it=1635041081155&coo=false&rqm=GET
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 24 Oct 2021 02:04:41 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-6579768-2&cid=370893537.1635041081&jid=1166916566&_u=YEBAAEAAAAAAAC~&z=473841072
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-6579768-2&cid=370893537.1635041081&jid=1166916566&_u=YEBAAEAAAAAAAC~&z=473841072
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-6579768-39&cid=370893537.1635041081&jid=1232818270&_u=YEDAAEABAAAAAC~&z=2013273831
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-6579768-39&cid=370893537.1635041081&jid=1232818270&_u=YEDAAEABAAAAAC~&z=2013273831
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=584561239339248&ev=PageView&dl=https%3A%2F%2Fwww.expreso.ec%2F&rl=&if=false&ts=1635041081372&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1635041081265.107714352&it=1635041081155&coo=false&rqm=GET
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 24 Oct 2021 02:04:41 GMT
jquery.slim.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.slim.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBN9NK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
325bac0cb2483f519180bace7e5510b6c8723f44f04ff4475ec235c161a7421b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4009254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22378
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-11acd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyRVNNdbqtXJoWuNHQEBz65ZS5%2B%2FsDzRt4QSdrdFz1zJ9Ynm7Lno1XWlFwyiP0Ig9KKQfuRkYiq1UZMBbKuTZEtF0UkMukS4knfCktU2PITuu1q8OpPFSa2RvpGLl1vfxizSfcV8VrBBrxW%2BZhMYgCKW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a2fa2c6fa494eb5-FRA
expires
Fri, 14 Oct 2022 02:04:41 GMT
prepw.js
libs.lavoz.com.ar/paywall/expreso/ 		752 KB
254 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.lavoz.com.ar/paywall/expreso/prepw.js
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.32.12.162 , Argentina, ASN7303 (Telecom Argentina S.A., AR),
Reverse DNS
lvi-kmmail.lavozdelinterior.net
Software
nginx /
Resource Hash
91a04166b31aee94c0214788ff83c2da5fffc5d5ccaa95d4ce5e5cfcea1c36c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:42 GMT
content-encoding
gzip
last-modified
Mon, 26 Apr 2021 14:36:50 GMT
server
nginx
etag
W/"6086d002-bc1f2"
strict-transport-security
max-age=63072000; includeSubdomains
content-type
application/javascript
cache-control
max-age=2592000
x-owner
La Voz del Interior S.A.
expires
Tue, 23 Nov 2021 02:04:42 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.expreso.ec
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.expreso.ec
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		73 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=195385275629653&correlator=61837761456983&output=ldjh&impl=fifs&eid=31063083%2C31063226%2C31062526&vrg=2021101301&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1045043%2CEXO_XALOK%2Cexo_xa_home_1x1%2Cexo_xa_home_300x250_1%2Cexo_xa_home_300x250_2%2Cexo_xa_home_300x600_1%2Cexo_xa_home_970x250_1%2Cexo_xa_home_970x250_2&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=1x1%2C300x250%2C300x250%2C160x600%2C970x250%7C970x90%7C728x90%2C970x250%7C970x90%7C728x90&ists=32&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1635041081&dt=1635041081740&dlt=1635041080944&idt=191&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C315&adys=-9%2C-9%2C-9%2C-9%2C-9%2C4144&adks=3860067970%2C447222255%2C2099169959%2C1538233148%2C4226025219%2C1266181836&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.expreso.ec%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x0&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x0&ga_vid=370893537.1635041081&ga_sid=1635041082&ga_hid=1445859696&ga_fc=true&fws=2%2C2%2C2%2C2%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
2e4bbdc16cd124571bc9a3d3d579791d397cd5d7434a6210e6294352f0353115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12996
x-xss-protection
0
google-lineitem-id
-2,5718927112,-2,5718947509,5725984690,5718953710
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138353108260,-2,138352772022,138353770533,138357460903
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.expreso.ec
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5185 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.expreso.ec/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 24 Oct 2021 02:04:41 GMT
expires
Mon, 24 Oct 2022 02:04:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
asyncjs.php
adserver.latinon.com/revive/www/delivery/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adserver.latinon.com/revive/www/delivery/asyncjs.php
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.227.27.145 Jacksonville, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1feccc5457246a341b82f181fa84317e9dd084c63ac370c1ac43104c3cbf3329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:04:42 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
11dac5182c2ea03a67dd87cdf9937cd5
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=3600
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Keep-Alive
timeout=20
Expire
Sun, 24 Oct 2021 03:04:42 GMT
X-Xss-Protection
1; mode=block
logo.png
www.expreso.ec/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.expreso.ec/images/logo.png
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cbf241d174ddc8843811c50441b51851ce12518614ed0538817fc4dc496dd79

Request headers

:path
/images/logo.png
pragma
no-cache
cookie
_gcl_au=1.1.601546343.1635041081; __asc=3a72df4617cb00af738342ac984; __auc=3a72df4617cb00af738342ac984; _ga=GA1.2.370893537.1635041081; _gid=GA1.2.2020917274.1635041081; _gat_UA-6579768-2=1; _gat_UA-6579768-39=1; _fbp=fb.1.1635041081265.107714352
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.expreso.ec
referer
https://www.expreso.ec/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 15:32:16 GMT
age
295794
etag
"61703680-dd5"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
none
UmT1LW87VIQ
www.youtube.com/embed/ Frame 6E22 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/UmT1LW87VIQ
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/UmT1LW87VIQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.expreso.ec/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 24 Oct 2021 02:04:41 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=xVK-RWCK2H0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=yDlRGU3L0-Q; Domain=.youtube.com; Expires=Fri, 22-Apr-2022 02:04:41 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+626; expires=Tue, 24-Oct-2023 02:04:41 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
bk_videos.jpg
www.expreso.ec/images/ 		30 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.expreso.ec/images/bk_videos.jpg
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/css/913e313.css?1634744243
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b572255f31f38c062bfb09a985ec11b902830e7d3bc97b55c75ad0898e18de2

Request headers

:path
/images/bk_videos.jpg
pragma
no-cache
cookie
_gcl_au=1.1.601546343.1635041081; __asc=3a72df4617cb00af738342ac984; __auc=3a72df4617cb00af738342ac984; _ga=GA1.2.370893537.1635041081; _gid=GA1.2.2020917274.1635041081; _gat_UA-6579768-2=1; _gat_UA-6579768-39=1; _fbp=fb.1.1635041081265.107714352
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.expreso.ec
referer
https://www.expreso.ec/css/913e313.css?1634744243
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/css/913e313.css?1634744243
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 15:32:16 GMT
age
295794
etag
"61703680-78fc"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
none
fa-regular-400.woff2
www.expreso.ec/css/fonts/fontawesome/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.expreso.ec/css/fonts/fontawesome/fa-regular-400.woff2
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/css/c982dc0.css?1634744243
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
940b3908bf9fc263ff7a9640fd719a1a3ecca9e1224e9ce4758053fa01edbcc0

Request headers

sec-fetch-mode
cors
origin
https://www.expreso.ec
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
_gcl_au=1.1.601546343.1635041081; __asc=3a72df4617cb00af738342ac984; __auc=3a72df4617cb00af738342ac984; _ga=GA1.2.370893537.1635041081; _gid=GA1.2.2020917274.1635041081; _gat_UA-6579768-2=1; _gat_UA-6579768-39=1; _fbp=fb.1.1635041081265.107714352
:path
/css/fonts/fontawesome/fa-regular-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.expreso.ec
referer
https://www.expreso.ec/css/c982dc0.css?1634744243
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.expreso.ec/css/c982dc0.css?1634744243
Origin
https://www.expreso.ec
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 15:32:16 GMT
age
295797
etag
"61703680-3518"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=31536000, public
accept-ranges
none
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFEkpW-7WDKb3h2GNwouMs9iA9duNxV3OJONg-avsGxgykwE9thOFpKUgbUJlhQ_caykSKbLfB3rd5h29XSngPD1jC0YwvQOeDS0ca0lMNIPbi0mngugEa4sKSS7L7U7BUW5ec2OBW0b7uotMRQbJJ41QEh4d8uInEdqa006wQy8X82sLgMv12-c5QyKDwqoLAFDyJTx6V3F35jgK1L3iCeM8LJq8ZdRNgLbqkZRf_v2_yOH7TIWrg1Kcj3T3xhgr-luAroZOJK8xKRZO9uVg9EBVCOahErHhlNCGsDtYNKZnyl5WF3jxQsxF-eWb8ySwbTrVfW9vbCSU5&sig=Cg0ArKJSzP99NW68o-VnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:04:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
5fbf9c7a46ce00882e1ac7b069a56d060431343e32a8e7f437ff408a410abe80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1023 / 648 of 1000 / last-modified: 1634854038"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 02:04:41 GMT
lo-vslider-v1207.min.js
dkae4asr0dphj.cloudfront.net/js/ 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5000:18:e253:91c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5fcac8deea68bd29bbfae3c778ff3464a1025b08d03be9d8c5eb48a4844ecde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
ismEw5HeqWSpH_S1EWRlygq.wxe9bqvQ
content-encoding
gzip
last-modified
Tue, 27 Jul 2021 13:31:20 GMT
server
AmazonS3
age
87163
etag
W/"0865a7806e079fa1291455cc873fc2f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
date
Sat, 23 Oct 2021 19:45:40 GMT
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
fcxHoCG8OboA7P6mYbp4D-ZJVSZqPs_p2KomGSZblHlDnllG-COTag==
infinity.js.aspx
cdn.engine.4dsply.com/Scripts/ 		179 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=020c03b8-fcb8-439e-85c1-381f5f5efc3a
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
df779e1e3dbc7732400ab92bcdeab541760a86a09217c5c04fac2da714eba7cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:42 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
cache-control
public, no-transform, max-age=900
cf-ray
6a2fa2caa8b54a68-FRA
content-type
application/x-javascript; charset=utf-8
connatix.player.js
cd.connatix.com/ Frame 6F7E 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.expreso.ec/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 24 Oct 2021 02:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Oct 2021 02:04:41 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshf-56rZ_oB623zkt6_o_ZGZ7pYGGEPV7AFZ_nfG6FXmZqAq9ibtAndA97OCJJQDWYAK4veowX72wfdoweg9Bj6-Ahjvxuw5YWZZXu2NoCHGubXf192ftGQ2MWhiIwZk_1bSvALQZpQtd7QVNqL8019thwMQJ8OqPwcE1ytMNbL8G7alG5ghGxM-Jdw9QGVbL5Qr5Wj7WYDbo6aGcpkV2BsM2T13TsfXZFkhkrlTZ0W8xvWgJlFEdZdRsLPckuIrRVFHTlP-WmRZ0yQ486uzgJoonyEPJAvgQaq1ujTx1OkwXw1uf8VWLvrooYCTXo7_kaTzfIfZjJ&sig=Cg0ArKJSzILCGJ_uxUw-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:04:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
si
capi.connatix.com/tr/ 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=0077435e-d719-447d-9226-206e8576f452
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.15.107.106 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-107-106.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:04:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=195385275629653&correlator=61837761456983&output=ldjh&impl=fifs&eid=31063083%2C31063226%2C31062526&vrg=2021101301&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=245837125%2Cexpreso.ec%2Cexpreso.ec_display%2Cexpreso.ec_300x250&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&cookie=ID%3Da95ae2f23074f449%3AT%3D1635041081%3AS%3DALNI_MbnYj95NV3SYxBr5WJSm8mA04QOXQ&bc=31&arp=1&abxe=1&lmt=1635041081&dt=1635041081914&dlt=1635041080944&idt=191&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3867979560&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.expreso.ec%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=370893537.1635041081&ga_sid=1635041082&ga_hid=1445859696&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
2f22623fe2b123a0cbcab54436d936c62b5eb79cc72ffe5d447dac39d296f657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10372
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.expreso.ec
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		83 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=195385275629653&correlator=61837761456983&output=ldjh&impl=fifs&eid=31063083%2C31063226%2C31062526&vrg=2021101301&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=245837125%2Cexpreso.ec%2Cexpreso.ec_display%2Cexpreso.ec_160x600&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&cookie=ID%3Da95ae2f23074f449%3AT%3D1635041081%3AS%3DALNI_MbnYj95NV3SYxBr5WJSm8mA04QOXQ&bc=31&arp=1&abxe=1&lmt=1635041081&dt=1635041081916&dlt=1635041080944&idt=191&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=4196362931&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.expreso.ec%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x600&msz=1600x600&ga_vid=370893537.1635041081&ga_sid=1635041082&ga_hid=1445859696&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
5ae6ea376314d690250732f173c7a547932c305ecdd96a0bc93543227036d673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
23210
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.expreso.ec
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40620682d9798c6b583f081d9bebec6cc83baef3001a0b42cfd45152428bb9da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
container.html
9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CCA7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.expreso.ec/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 24 Oct 2021 02:04:41 GMT
expires
Mon, 24 Oct 2022 02:04:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame CCA7 		2 KB
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:24:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:24:25 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CCA7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfVlSOb90Ybn-OZnQ3gPoi7m4C4Katf9l8qGRjI0Onsm1gcQpEAEg_afnP2CVgoCAwAegAYyhifECyAEJqQKjFKHM--97PuACAKgDAcgDmwSqBOgBT9A7PD41Z33gvpVM-3rEgSEI2XeGbpHbQ5OMVEPHuCq8z9MwT7rMCL9ATDbj3_WMUcK42ej9HWYMImd-TAfqaFqiOl_fznw2SH87JBAMf4CKxpVqIe4dInYYQdk8lu2zAp8O6xYN1W-AgCu7UhhvntGaZloizCEdy99nGtwmoHJyB4ZH8NMsA5HR_rEhrfa5hVtCJfUglwLGbnnZqODPHn_1stTb0gK22N40mab3oZxkk45yDExh8quQID16FJkF6j9fc0j3lBdrYq0nb8DNDXW1SOG2eJiezPL2ItasH0STOLe2qO_zz8AEkL_Vse8D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6uU4aUCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQwa0H0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi03NzYzMzU4NjY2MTU4NjMygAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTU5OTQzMDAzODgxMjYzNzgYze8o&sigh=v4Xt52TggRY&uach_m=[UACH]&template_id=494
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame CCA7 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1775
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:35:07 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame CCA7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2031
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:30:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CCA7 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Oct 2021 02:04:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame CCA7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1715
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:36:07 GMT
l
www.google.com/ads/measurement/ Frame CCA7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9LIjbLAZlPnIq25HNAgefBqL9KpLTK6yra8D0WU8Gnft6P17MM9o0gqeuDNwHi7TdqvYDInnMDJHEUhImTaVHrmFLQQ
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
fc4a425cba241d0dce431f7f76e62919.js
www.gstatic.com/mysidia/ Frame CCA7 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 21:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11259
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 09:43:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Fri, 21 Jan 2022 21:45:50 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame CCA7 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRL1Dem0wHoQGlwY4XswdDdTcnDsiAe52d-uBlx1ETHowNRC1-FjPpRB6yc-A&usqp=CAI
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b121afbdfd084f945157304440e635e3bf82f07e2f632062f109f2a6679ee2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 00:57:46 GMT
x-content-type-options
nosniff
age
263216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
22125
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 02:55:14 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 00:57:46 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame CCA7 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSNsh5P_qV-Uw5MTC0WWNVGDLxGxIa98yEANbVjnbKin740S6dp0u-ZM9NV3A&usqp=CAI
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b415c442e0a0ef93dd2bcd055f97a6eddd9e5921daee6f316de277d3e7031642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 01:02:14 GMT
x-content-type-options
nosniff
age
349348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27141
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 02:09:30 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 20 Oct 2022 01:02:14 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame CCA7 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRZcpys6QGNYOr8qYPyT5cqMQlvLP91AG72lyOVeGc74uLWU6NQTBjySbcrcA&usqp=CAI
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a736d0eb1e415b2d66513c1acfd9a5f8f17d4f6a0a286986da3308dc9600b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 03:13:56 GMT
x-content-type-options
nosniff
age
168646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17894
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 11:40:06 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 22 Oct 2022 03:13:56 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame CCA7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQWF_tbAmx7UqG8-WOGQ14t-CcySBTX1xSR0zz2xbTLji-U7QHt&usqp=CAI
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1107e918cff57a18750527530afcf25f2224d02ae09c3d747754685d560f5b4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:05:00 GMT
x-content-type-options
nosniff
age
219582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16700
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 03:04:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 21 Oct 2022 13:05:00 GMT
9074747796639100022
tpc.googlesyndication.com/simgad/ Frame CCA7
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2uqP8AEQsAkYrAIyCAFSrTQHlPPi
  • https://tpc.googlesyndication.com/simgad/9074747796639100022
16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9074747796639100022
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fc1139b95456b8d7d3eea1986793a3a55df913bc5b587805c132cab22c89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 15:15:25 GMT
x-content-type-options
nosniff
age
211757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16716
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 08:56:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 15:15:25 GMT

Redirect headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 01:56:01 GMT
x-content-type-options
nosniff
server
cafe
age
521
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/9074747796639100022
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Nov 2021 01:56:01 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4311 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 23 Oct 2021 18:26:41 GMT
expires
Sun, 24 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
27481
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame CCA7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8aab72fca8b4563ad6d897931e9973e66310510a12253fef93bc1a8e0d7204d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
/
google2waycm.netmng.com/cm/ Frame 4311 		0
0
pixel
cm.g.doubleclick.net/ Frame 4311
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECIf8M4NcnIcUi24sRAOmHg&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECIf8M4NcnIcUi24sRAOmHg&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZHByV2xJcGYxTUVzU201&google_gid=CAESECIf8M4NcnIcUi24sRAOmHg&google_cver=1&google_push=AYg5qPI0Uor7ckN377o7U_o-CECyi7cBuCcpvpHKLrar6tF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZHByV2xJcGYxTUVzU201&google_gid=CAESECIf8M4NcnIcUi24sRAOmHg&google_cver=1&google_push=AYg5qPI0Uor7ckN377o7U_o-CECyi7cBuCcpvpHKLrar6tF0xnBVqJ9gr4W84syWhqD9vB7xZ1SlDqkEYuwA2AmD0-UQG4dUn5Kf
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:04:41 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZHByV2xJcGYxTUVzU201&google_gid=CAESECIf8M4NcnIcUi24sRAOmHg&google_cver=1&google_push=AYg5qPI0Uor7ckN377o7U_o-CECyi7cBuCcpvpHKLrar6tF0xnBVqJ9gr4W84syWhqD9vB7xZ1SlDqkEYuwA2AmD0-UQG4dUn5Kf
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4311
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEDJPx3I-V1izDWiZldEFkbg&google_cver=1&google_push=AYg5qPJxGFqgtfD29bnmJ7g3Tu7bX5nRLBbO6WHu6dHEYI1VxJop93wJgwwlbjLDKTHW-5Zmwe18mfF6IaGxccO_uC4x5vaS-q4U
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=85CFCA6079FA4BE88D34881CEAC29005&google_push=AYg5qPJxGFqgtfD29bnmJ7g3Tu7bX5nRLBbO6WHu6dHEYI1VxJop93wJgwwlbjLDKTHW-5Zmwe18mfF6IaGxccO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=85CFCA6079FA4BE88D34881CEAC29005&google_push=AYg5qPJxGFqgtfD29bnmJ7g3Tu7bX5nRLBbO6WHu6dHEYI1VxJop93wJgwwlbjLDKTHW-5Zmwe18mfF6IaGxccO_uC4x5vaS-q4U
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 24 Oct 2021 02:04:42 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=85CFCA6079FA4BE88D34881CEAC29005&google_push=AYg5qPJxGFqgtfD29bnmJ7g3Tu7bX5nRLBbO6WHu6dHEYI1VxJop93wJgwwlbjLDKTHW-5Zmwe18mfF6IaGxccO_uC4x5vaS-q4U
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 23 Oct 2021 02:04:42 GMT
pixel
cm.g.doubleclick.net/ Frame 4311
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPHyxKG8ZqgG4LaPz0ZIDtI&google_cver=1&google_push=AYg5qPL233ledL07BejiK89nZaya5oExuooV9rLsnYHMSZxG72sUxnY9PPeXx_7DU3vhIfS9DoumfKCy...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPHyxKG8ZqgG4LaPz0ZIDtI&google_cver=1&google_push=AYg5qPL233ledL07BejiK89nZaya5oExuooV9rLsnYHMSZxG72sUxnY9PPeXx_7DU3vhIfS9Dou...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2Njk5ODE3NzM0MzMxODE0OQ&google_push=AYg5qPL233ledL07BejiK89nZaya5oExuooV9rLsnYHMSZxG72sUxnY9PPeXx_7DU3vhIfS9DoumfK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2Njk5ODE3NzM0MzMxODE0OQ&google_push=AYg5qPL233ledL07BejiK89nZaya5oExuooV9rLsnYHMSZxG72sUxnY9PPeXx_7DU3vhIfS9DoumfKCy0B5P-QXbb3Kjxo1akHUM
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:42 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2Njk5ODE3NzM0MzMxODE0OQ&google_push=AYg5qPL233ledL07BejiK89nZaya5oExuooV9rLsnYHMSZxG72sUxnY9PPeXx_7DU3vhIfS9DoumfKCy0B5P-QXbb3Kjxo1akHUM
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4311
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HK9LTfAvQ2W5Xd6Ba0N0Ow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HK9LTfAvQ2W5Xd6Ba0N0Ow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLqxHOTOz_qWYd2Px_ZhG3uTyrBIXKgbwe0RFgDpzQkQ9QfkqAlGEM4QtVhOdSZIJ_0hQQisEUyIQmbV8nluBwgkBKxmvog
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HK9LTfAvQ2W5Xd6Ba0N0Ow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLqxHOTOz_qWYd2Px_ZhG3uTyrBIXKgbwe0RFgDpzQkQ9QfkqAlGEM4QtVhOdSZIJ_0hQQisEUyIQmbV8nluBwgkBKxmvog
date
Sun, 24 Oct 2021 02:04:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4311
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBuVfU7kHHfVGicUThRZE3k&google_cver=1&google_push=AYg5qPJuZO6ZjbE9pAK6yCEW7h1CDv_80F85jcpDoRPkmV3XzrquvUW-tSmBAZFsraQOh-FTfxE...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TDhUTUctMVMtS0kxSQ==&google_push=AYg5qPJuZO6ZjbE9pAK6yCEW7h1CDv_80F85jcpDoRPkmV3XzrquvUW-tSmBAZFsraQOh-FTfxED7t62Y6PDHxZ2Eb6hNGsOrbHw
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TDhUTUctMVMtS0kxSQ==&google_push=AYg5qPJuZO6ZjbE9pAK6yCEW7h1CDv_80F85jcpDoRPkmV3XzrquvUW-tSmBAZFsraQOh-FTfxED7t62Y6PDHxZ2Eb6hNGsOrbHw
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TDhUTUctMVMtS0kxSQ==&google_push=AYg5qPJuZO6ZjbE9pAK6yCEW7h1CDv_80F85jcpDoRPkmV3XzrquvUW-tSmBAZFsraQOh-FTfxED7t62Y6PDHxZ2Eb6hNGsOrbHw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4311
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qi...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 4311 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IFBRvJagNUgOyIdvyQkekrX07oXGYQkFQ5TTPVRB4fcQpYhBbbsI2E2ePatwcvwVsHpN1S
Requested by
Host: 9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
URL: https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=584561239339248&ev=Microdata&dl=https%3A%2F%2Fwww.expreso.ec%2F&rl=&if=false&ts=1635041082927&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1635041081265.107714352&it=1635041081155&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.expreso.ec
URL: https://www.expreso.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 24 Oct 2021 02:04:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CCA7 		42 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOiIioEp-YPPY7OIeedgWe1vhvO0xrvD7kzBtCifwNE5Fgmw9--eWAGzSOb2vSCWKeY7rQSnIOWvLsvn9gsrcxnDpBxPyoHg7DT9pfXDiClO8tF9gxUw&sai=AMfl-YSE-IZtATXTzn2XApzWEuQw5MzlPynpP7Gi_78ZIyt_pVjeHQ6wDjKNeumdahbN3FeSs4x271odT09_h8qWH3gKcnvX7giGOI-1hHB9TGtAZ4XnDZtaurvrIh_h&sig=Cg0ArKJSzOZy2-HYv4_rEAE&cid=CAASF-RowR5g1mk4pwKi1gOVk5Rm-fAos39V&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4196362931&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635041082337&rpt=226&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
suscripcion.expreso.ec//api/v1/ 		244 B
744 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://suscripcion.expreso.ec//api/v1/config
Requested by
Host: libs.lavoz.com.ar
URL: https://libs.lavoz.com.ar/paywall/expreso/prepw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.215.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-215-67.compute-1.amazonaws.com
Software
nginx / PHP/7.3.13
Resource Hash
3152104deb6d44d4a3c1430754cfbd08ade612b92d726984cb682691fb126958
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:04:44 GMT
Server
nginx
X-Powered-By
PHP/7.3.13
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.expreso.ec
X-RateLimit-Remaining
4999
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-RateLimit-Limit
5000
Connection
keep-alive
Access-Control-Allow-Credentials
true
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7aa4094f561cb07ed2f8feba75d896acfadc56c044776d7c2b7798fd8a8c74c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:04:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8627
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvubAyJbW1tnJXoa44ryIDdHF76qyFrp4xRTWtV0AyJe3CYRMNmzKQ8FHcDkCRGstOEH7_jFOII58ev7KoBGUU-aE1upJOi7uzyXQjkS7HFLTQQjMueq-BfHkek8-1FOUL1cb_WPK-B1owvAuuoylZeDHFUhuVsBtQy4toRUy0eHaqTRxQMWr9E3Y8sPUX8-vPx-3QDRqY5NCjIYh5Fg92C4Lwkwo2iqM-Whe_dHJeWQwass9SS4pll5h6Rdro8HcsIPaHiTHw-WkTz9eQIVQghUQnjCQaYfHGTz_TiqJSFiKPtHmg1orwJZrrNXLHiZ-bdYc6zyllYv8U&sig=Cg0ArKJSzATWw-UDcWQJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:04:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 24 Oct 2021 02:04:43 GMT
asyncspc.php
adserver.latinon.com/revive/www/delivery/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver.latinon.com/revive/www/delivery/asyncspc.php?zones=300&prefix=revive-0-&loc=https%3A%2F%2Fwww.expreso.ec%2F
Requested by
Host: adserver.latinon.com
URL: https://adserver.latinon.com/revive/www/delivery/asyncjs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.227.27.145 Jacksonville, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
02eb488ebe2a2eb7f4776879c4c6020d19f1264ad509dad0c618c53f3152e9e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:04:43 GMT
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://www.expreso.ec
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=20
X-Xss-Protection
1; mode=block
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 24 Oct 2021 02:04:44 GMT
/
vast.aniview.com/api/adserver61/vast/ 		906 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5d31fb2628a06116ff22aef3&AV_CHANNELID=5d52d15128a061023772a8cf&AV_URL=[URL_MACRO]&cb=[TIMESTAMP_MACRO]&AV_WIDTH=[WIDTH_MACRO]&AV_HEIGHT=[HEIGHT_MACRO]&AV_SCHAIN=[SCHAIN_MACRO]&AV_CCPA=[CCPA_MACRO]&AV_GDPR=[GDPR_MACRO]&AV_CONSENT=[CONSENT_MACRO]
Requested by
Host: dkae4asr0dphj.cloudfront.net
URL: https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c727b5bf7fbb6c6ee161a4210f6267b23dbb0cc1e9338cfdd20f13658deca36e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:44 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/xml
access-control-allow-origin
https://www.expreso.ec
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
523
expires
Sun, 24 Oct 2021 02:04:44 GMT
lg.php
adserver.latinon.com/revive/www/delivery/ 		43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adserver.latinon.com/revive/www/delivery/lg.php?bannerid=1075&campaignid=254&zoneid=300&loc=https%3A%2F%2Fwww.expreso.ec%2F&cb=a7e303385f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.227.27.145 Jacksonville, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:04:43 GMT
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=20
X-Xss-Protection
1; mode=block
Expires
0
close.jpg
dkae4asr0dphj.cloudfront.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dkae4asr0dphj.cloudfront.net/images/close.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5000:18:e253:91c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e68f4b07bdaf1c80bfb00f4d3d3a25aea3ae8d4022d6df6d0127f624961f9496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Wed, 07 Mar 2018 14:07:48 GMT
server
AmazonS3
age
5738
etag
"bb4035b8e640193e3d64574dbb6e6d95"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Sun, 24 Oct 2021 00:29:05 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
1844
x-amz-cf-id
lAqm0D16zDnCliz9L_1br5uQEsp43fYoQ-3tgV0HQhVm7ovnNo9GHw==
AVmanager.js
player.aniview.com/script/6.1/ Frame 7630 		361 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Requested by
Host: dkae4asr0dphj.cloudfront.net
URL: https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4be248af2533387777c0841dbe22c2da3d19217cee48ae7c68063ba2966f1d77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds-YtlbBJv2QJARUbxWzAzMVWCcXYWe7En0xUNaKmOAn8G1zzpH98c8yGFCVmdULL8nqDY9vumr90FBk2C_qHg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
103423
last-modified
Wed, 13 Oct 2021 06:17:51 GMT
server
UploadServer
etag
"e88cbf5213e55dde489911c70aa5ec91"
vary
Accept-Encoding
x-goog-hash
crc32c=4L5KPg==, md5=6Iy/UhPlXd5ImRHHCqXskQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1634105871199372
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
103423
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 24 Oct 2021 02:09:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E2AE 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.expreso.ec/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 23 Oct 2021 19:33:26 GMT
expires
Sun, 23 Oct 2022 19:33:26 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
23478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame D779 		783 B
952 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b9de0845e0a170d3da93d99bc252215c258bdff17f0874f8b0fd19c9b828dd83
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lMywoFKBwLdhNh6ZW/Rqag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.expreso.ec/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 24 Oct 2021 02:04:44 GMT
date
Sun, 24 Oct 2021 02:04:44 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-lMywoFKBwLdhNh6ZW/Rqag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame E2AE 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options
nosniff
age
91977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35616
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 23 Oct 2022 00:31:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D779 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101301&jk=195385275629653&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.expreso.ec&sn=&ic=0&tgt=1&app=&wi=480&he=270&test=&d36=6.1.2.78&apppkg=&fv=1&proto=https&pid=5d31fb2628a06116ff22aef3&cid=5d52d15128a061023772a8cf&stagid=&stplid=&e=inventory&vi=100&cb=1635041084202
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.114.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-114-16.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
gov.aniview.com/api/adserver/tag/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.expreso.ec%2F&AV_SCHAIN=%5BSCHAIN_MACRO%5D&AV_CCPA=%5BCCPA_MACRO%5D&AV_GDPR=%5BGDPR_MACRO%5D&AV_CONSENT=%5BCONSENT_MACRO%5D&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&AV_CHANNELID=5d52d15128a061023772a8cf&format=json&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&pce=1&npx=1&AV_DETDOMAIN=www.expreso.ec&AV_DADPOS=1&d36=6.1.2.78&avtoken=84201&AV_WIDTH=480&AV_HEIGHT=270&AV_DNT=0&cb=1635041084215
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.73.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-73-135.compute-1.amazonaws.com
Software
/
Resource Hash
23f0f818c74f5a0438605ce883f49475e02cab3c727a9dcb7cd29a186672d7f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:44 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.expreso.ec
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 12 Oct 2021 12:18:04 GMT
truncated
/ Frame 7630 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101301&jk=195385275629653&bg=!nJ-ln9vNAAbUs_yW1LM7ACkAdvg8Wm-EPH0aAPrzpXUuWoo5PgbV8rQQbLXkqkcWOeptl1m6-cHR7QIAAAB7UgAAAAloAQcKAKni9fj3eRWoKo-gGt0RyaQYR17cseeGSQIfb3lKn9MOEb1aAyqs4d8QJNaQ9HzL17E0Hdq4urxofWHZ1XS745Dpwszf6EMrS-RPyg-cQM_L5rYpJxz2ewcj0qnn9R9vyHfg94imOCPOczbXcQ8jObkiXzDtpqzDWDpAwMJ32RX-yVHG_CLr963Vw3Ovz7-kAa57st52rdnbQV-OqmaaVSvA_aB-yNY4OpzemQK3TDY6kx5_wJpjakdUTVFzYREn3eUP4xdcDnRd3Dc0lLPSLsst_Ncy4767d4gTnLs-jZPhOJiW0tf8N3UWR79cGzKdMkkHDdoclFSQ7htj7w9y241aB7nT9pf0-rbDRHpJ4_nav2maHtNnXhYJZGGNqEkmHos792IlS4Q1dH-kcr4MHdH-XtWXMyiLmZvWtCmhs3rEcUMkQsVBEhd8qT6rm2dPXMMBF-37I6Q48XtgqRuE1hMYC0HLmJABe96rlIM-OlMxMBjwcUnLbNZHY3OP3h5BDg6mKy9arkiYFcLpgCPOcEpvNW0F54kSxiNpy-prraRC8yUi5Rt_AfTZCdot_vaDA9OXLSW0mRsZ8vx-yGuI_-_gkNcg_c3KU8BdRbUJ7hjtjDGO-QPHJrk0EGPvY0PPp341KABpF8W6UcwvcgyabKbB0GFoGlo9c1nm3RF_XS4oPxyh2Ox9T3RZDf-c5AFBwjqgiAkX4WxWVjM2LYP2RuOCaRr-TOJQySq1D17RdhEIeO7tmfOZjE-i8YiXf1Jq1HwfaWRFdMml3T6md9m9zgh3vS25S2NsaguwO6z_X3ROWpsKj6b45DlL6DmNoTMmpeC3Tx2DtevJn_bt015hNtWNWr1oFo6okW5R9Opyo3KK6rADZVd4IPnKnSvhwfDgI0IRwECDV3NT2Ax26KnpjdVp-rr3CWfq_tvB9UY2vAc4lDOlrk89muGSvXsQA86uZCJxZjW0xrDCQKCbURxEPH55F_-xCY6ehEMp6x6T84-CmT8c0mXuHK6LRc7kLTRZdKx-YyJ2BDRYN7uNy6U2DEsXzwKdR6UjazmhZ2hVr9U3Qx3hS-KBk4oeu1UvWcIFS5qtOpMaHEQ5s6G6XNEVzXC1iZBfHXDnKoWBTJVzNXTNlO9gon0kuxUrpUG7EjIHZyzsxw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame 7630 		303 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ac7b9f46edcec0a88c11c18bf0a08879953bfd042486c0a2a7c58426df25088c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduZw_i5ti7yyLKbGdH9e-AJSyuIrZowyBkvpjZIzG5xPvNYPc7k0NfjV4IddG3zqY2hEr64JKpFnz7rIG1wp5Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
96232
last-modified
Wed, 13 Oct 2021 06:16:58 GMT
server
UploadServer
etag
"ad7ef38cf13e26516d10222fcdb4ead3"
vary
Accept-Encoding
x-goog-hash
crc32c=vtLYAw==, md5=rX7zjPE+JlFtECIvzbTq0w==
content-language
en
access-control-allow-origin
*
x-goog-generation
1634105818129804
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
96232
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 24 Oct 2021 02:09:44 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.expreso.ec&rs=www.expreso.ec&sid=8105&t=1635041084&cip=78.47.208.27&sn=&tgt=1&osv=10&bv=93.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1635041084525-954026576943-006111-010-000091&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.78&cb=62140645695&d9=0000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&nid=5d31fb2628a06116ff22aef3&ncid=5d52d15128a061023772a8cf&e=request&cb=1635041084674&asid=6169b45be9e45f3f2845a2ed%2C5dab78c328a0614f641214cc&ofpr=0.2%2C2&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.114.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-114-16.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:04:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/239365/0/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/239365/0/mvo?z=1r&hbv=5.16,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.expreso.ec/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.expreso.ec
pragma
no-cache
date
Sun, 24 Oct 2021 02:04:44 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs.com/ut/v3/ 		61 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
fb2e938cf78917438a8c81187db87800b5c486bc6b1f7628e46b9f8677ec7f96
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.expreso.ec/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:04:44 GMT
X-Proxy-Origin
78.47.208.27; 78.47.208.27; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e75ac3f9-fda3-4148-8d76-fe31d8c7f082
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.expreso.ec
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
61
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnZvjta6Q4rERCYj8duUF0Yydz4XgL0ArCHJjVKxso9T-q-6aKZPk6aPEa2EE6ARrTbfzMeC8S1C38X_GHd-cbIBOFGFjNv-FoBG6gPdyOTJ8wJfON&sig=Cg0ArKJSzK2-aWxRFGcNEAE&id=lidar2&mcvt=1001&p=0,0,600,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211020&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1538233148&rs=4&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635041080695&rpt=3130&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.expreso.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:04:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cd.connatix.com
URL
https://cd.connatix.com/connatix.player.js
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEPKl6HCa3Ca3zBxUKId5KRY&google_cver=1&google_push=AYg5qPL7Afut5NAeZRlItHLX1hRiE4oYbV6zYxquRdZhYew2WzBWbYDl7kYtmdaPvyyDBXyzXKrgwu5pnf-9uZlcoWYctSdHalXI
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster function| setViewPort object| dataLayer object| googletag object| pages object| settings function| wfMatchAdvertisementPages object| wfAdvertisementPage object| GT_page string| GT_sitepage number| GT_importance string| GT_listpos object| positions object| ggeac object| google_js_reporting_queue object| AMP object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| twq function| fbq function| _fbq object| _atrk_opts function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| atrk boolean| _atrk_fired function| md5 object| twttr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData function| OneSignal number| __oneSignalSdkLoadCount function| __jp0 function| eHost string| va string| vb string| vc string| vd string| ve string| vf string| vg string| vh string| vi string| vj string| vk string| vl string| vm string| vn function| vidIntextAddMargin function| insertVidoomyDiv function| runIntext function| __tcfapi_8928924878912 object| Cookies function| $ function| jQuery string| paywallType object| metaPaywallType string| contentType object| metaContentType object| paywallConfig object| paywall object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu function| vsliderLO_1635041081894479996534757 object| cnx number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| Debugger function| loVSlider object| reviveAsync object| ampInaboxIframes object| ampInaboxPendingMessages object| g367CB268B1094004A3689751E7AC568F undefined| g undefined| adscoreVerificationStatus undefined| freqms undefined| elapsed undefined| waitForAdscoreSignature function| UAParser function| setImmediate function| clearImmediate function| iFrameResize object| cX object| GoogleGcLKhOms function| vsliderLO_1635041083919756905667241 string| m object| storageAni object| google_image_requests

27 Cookies

Domain/Path Name / Value
.expreso.ec/ Name: _gcl_au
Value: 1.1.601546343.1635041081
.expreso.ec/ Name: __asc
Value: 3a72df4617cb00af738342ac984
.expreso.ec/ Name: __auc
Value: 3a72df4617cb00af738342ac984
.expreso.ec/ Name: _ga
Value: GA1.2.370893537.1635041081
.expreso.ec/ Name: _gid
Value: GA1.2.2020917274.1635041081
.expreso.ec/ Name: _gat_UA-6579768-2
Value: 1
.expreso.ec/ Name: _gat_UA-6579768-39
Value: 1
.expreso.ec/ Name: _fbp
Value: fb.1.1635041081265.107714352
.doubleclick.net/ Name: IDE
Value: AHWqTUmu7WIIW5qWYot-1CPlYulXCGHGb6UOUmLmjZwp1tROEjvtn7cJva7TK8QyJNg
.youtube.com/ Name: YSC
Value: xVK-RWCK2H0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: yDlRGU3L0-Q
.expreso.ec/ Name: __gads
Value: ID=a95ae2f23074f449:T=1635041081:S=ALNI_MbnYj95NV3SYxBr5WJSm8mA04QOXQ
adserver.latinon.com/ Name: OAGEO
Value: 2%7CDE%7CEU%7C1%7CNuremberg%7C90402%7C49.4516%7C11.0867%7C200%7CEurope%2FBerlin%7C%7CBY%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.w55c.net/ Name: wfivefivec
Value: dprWlIpf1MEsSm5
.casalemedia.com/ Name: CMID
Value: YXS-OkXla7R07LAOmDA-KAAA
.casalemedia.com/ Name: CMPS
Value: 3176
.simpli.fi/ Name: suid
Value: 85CFCA6079FA4BE88D34881CEAC29005
.w55c.net/ Name: matchgoogle
Value: 5
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMPRO
Value: 1217
.casalemedia.com/ Name: CMST
Value: YXS-OmF0vzoA
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1CAF4B4D-F02F-4365-B95D-DE816B43743B
.adform.net/ Name: uid
Value: 4866998177343318149
.expreso.ec/ Name: paywall_user_type
Value: anonimo
adserver.latinon.com/ Name: OAID
Value: 01000111010001000101000001010010
.aniview.com/ Name: aniC
Value: 1635041084525-954026576943-006111-010-000091

5 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS_OkXla7R07LAOmDA_KAAABMEAAAAB&google_cver=1&google_gid=CAESEELJ-EFdgHkIIOhA-iS-3o0&google_push=AYg5qPIsJf9dYFhYiRWAIMOKVPJuC3JLLS1qift7nFIwCSNlFghiC-CQn-FpIFLaGKb8EEdOQkvmaAeN8qqto2YCEnFPmzOCdTm8
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9a1e71e564298fefaaabe770a2af0cd0.safeframe.googlesyndication.com
ads.vidoomy.com
adserver.latinon.com
adservice.google.com
adservice.google.de
c1.adform.net
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.engine.4dsply.com
cdn.jsdelivr.net
cdn.onesignal.com
cdnjs.cloudflare.com
certify.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
dkae4asr0dphj.cloudfront.net
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
google2waycm.netmng.com
googleads.g.doubleclick.net
gov.aniview.com
ib.adnxs.com
image6.pubmatic.com
libs.lavoz.com.ar
onesignal.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
player.aniview.com
pm.w55c.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
securepubads.g.doubleclick.net
static.ads-twitter.com
stats.g.doubleclick.net
suscripcion.expreso.ec
t.co
tag.1rx.io
tpc.googlesyndication.com
track1.aniview.com
um.simpli.fi
vast.aniview.com
www.expreso.ec
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
cd.connatix.com
cm.g.doubleclick.net
google2waycm.netmng.com
104.244.42.69
142.250.184.194
142.250.185.130
151.101.130.133
169.50.137.190
172.217.23.98
18.66.112.71
18.66.97.58
185.33.223.178
198.47.127.19
199.232.136.157
200.32.12.162
213.19.147.42
2600:9000:223c:5000:18:e253:91c0:21
2606:4700::6810:125e
2606:4700::6810:5614
2606:4700::6810:9f11
2606:4700::6812:e234
2a00:1450:4001:800::2008
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:813::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9c
2a02:26f0:6c00:28a::2c79
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.127.92.82
3.129.250.65
3.17.33.216
34.204.114.16
37.157.4.25
52.15.107.106
52.203.215.67
52.72.73.135
64.227.27.145
69.173.144.165
027b2e797eff92e89a3f8ee4223124f21ca241230399410046a37f5dcbdaccef
02eb488ebe2a2eb7f4776879c4c6020d19f1264ad509dad0c618c53f3152e9e1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1107e918cff57a18750527530afcf25f2224d02ae09c3d747754685d560f5b4d
117178769f0f7029c36077906786f3465f897be6fef61af90da8e53577b5622f
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1b572255f31f38c062bfb09a985ec11b902830e7d3bc97b55c75ad0898e18de2
1feccc5457246a341b82f181fa84317e9dd084c63ac370c1ac43104c3cbf3329
23f0f818c74f5a0438605ce883f49475e02cab3c727a9dcb7cd29a186672d7f8
266978a0c185ca652129a3cb432e9c95aa61662873aaf8466ee7fc1636bb2c9f
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
2a62113caa7c0fd1c93f276283df4387869c57203ee4f11e031e642b73def024
2a736d0eb1e415b2d66513c1acfd9a5f8f17d4f6a0a286986da3308dc9600b8e
2e4bbdc16cd124571bc9a3d3d579791d397cd5d7434a6210e6294352f0353115
2f22623fe2b123a0cbcab54436d936c62b5eb79cc72ffe5d447dac39d296f657
2f8bff5a27090405fb51a060edccbda9b657d4ba158d41df502ada744a346b14
2fad09e3a47e1116b65ea2355e1a14ee813b131b7cab0c62b84c61b634a3e874
3152104deb6d44d4a3c1430754cfbd08ade612b92d726984cb682691fb126958
325bac0cb2483f519180bace7e5510b6c8723f44f04ff4475ec235c161a7421b
389a411db19283b72c3c5b264d837e88024ba013f88dd3dac7d192cc6db22f0d
3ea49b3bdd2d1b92e250538e82ab9d24d6edc5e660d544fe489e125490daf9a2
40620682d9798c6b583f081d9bebec6cc83baef3001a0b42cfd45152428bb9da
4b121afbdfd084f945157304440e635e3bf82f07e2f632062f109f2a6679ee2c
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4be248af2533387777c0841dbe22c2da3d19217cee48ae7c68063ba2966f1d77
4cbf241d174ddc8843811c50441b51851ce12518614ed0538817fc4dc496dd79
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
55fa45f18a96a6d398ab5e28677022fc1a1d92471ec6c4cce5d433c81a50574b
5ae6ea376314d690250732f173c7a547932c305ecdd96a0bc93543227036d673
5bea7d0cce7b62a7face177e0384769971a5b0fdc90a77102e2d411a6a2b7701
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5fbf9c7a46ce00882e1ac7b069a56d060431343e32a8e7f437ff408a410abe80
626a4762413f8f79b2190fbec7c91aff486b776802c089a752dcdacc05dffdf5
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
7375d14e433da294fb0419ec5a46d63b5531dfede361bac0fea236929e65b055
7aa4094f561cb07ed2f8feba75d896acfadc56c044776d7c2b7798fd8a8c74c8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aab72fca8b4563ad6d897931e9973e66310510a12253fef93bc1a8e0d7204d0
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
91a04166b31aee94c0214788ff83c2da5fffc5d5ccaa95d4ce5e5cfcea1c36c7
940b3908bf9fc263ff7a9640fd719a1a3ecca9e1224e9ce4758053fa01edbcc0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa50e92f12976b59733e3279bdb58b0d66f1b874fc77f45e1f813a7410d14680
ac7b9f46edcec0a88c11c18bf0a08879953bfd042486c0a2a7c58426df25088c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b2b92ba8d4314393d3c729cf94c12b65a1db2a41fb676b252f060f8eafdd2efd
b415c442e0a0ef93dd2bcd055f97a6eddd9e5921daee6f316de277d3e7031642
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b9de0845e0a170d3da93d99bc252215c258bdff17f0874f8b0fd19c9b828dd83
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c727b5bf7fbb6c6ee161a4210f6267b23dbb0cc1e9338cfdd20f13658deca36e
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d47e1e9731efe05b249ed238fef1df90c716ee960f6889ed462d9def49c6c7bb
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df779e1e3dbc7732400ab92bcdeab541760a86a09217c5c04fac2da714eba7cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fcac8deea68bd29bbfae3c778ff3464a1025b08d03be9d8c5eb48a4844ecde
e68f4b07bdaf1c80bfb00f4d3d3a25aea3ae8d4022d6df6d0127f624961f9496
e732f9454a9dbd0d564bc55cfd71ba736ee69ec74fb731ec27a3748fa1e22260
ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec
eebfca4ee513c692caadaeafbc06c917b5b8b7051d455defcccf9955021f2faf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb2e938cf78917438a8c81187db87800b5c486bc6b1f7628e46b9f8677ec7f96
fb90db0e742f24e36aeb706c63a5e1bbf909aa7b6f47a89b08109946e79e4bff
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fc9fc1139b95456b8d7d3eea1986793a3a55df913bc5b587805c132cab22c89d
fca1cdb930301c50484f28f340d2a4f32cfb37cb1e64ed6502c25e8b7fdca6bd