pelotainvernal.com Open in urlscan Pro
54.208.89.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pelotainvernal.com/
Submission: On December 20 via api (December 20th 2022, 4:01:35 am UTC) from DO — Scanned from DE

Summary HTTP 369 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 63 IPs in 8 countries across 50 domains to perform 369 HTTP transactions. The main IP is 54.208.89.30, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pelotainvernal.com. The Cisco Umbrella rank of the primary domain is 478236.
TLS certificate: Issued by Amazon on August 5th 2022. Valid for: a year.

This is the only time pelotainvernal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	54.208.89.30 54.208.89.30	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:179	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	54.231.228.184 54.231.228.184	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::6815:6097	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	13.225.78.76 13.225.78.76	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
20	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	104.18.135.145 104.18.135.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.19.54.139 3.19.54.139	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
23	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
16	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
17 33	95.101.27.149 95.101.27.149	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5 5	3.64.108.88 3.64.108.88	16509 (AMAZON-02) (AMAZON-02)
2 7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	18.184.207.116 18.184.207.116	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
2	35.241.34.106 35.241.34.106	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
18	146.20.128.166 146.20.128.166	27357 (RACKSPACE) (RACKSPACE)
1	2600:9000:20e... 2600:9000:20eb:a800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6 6	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
37	146.20.132.128 146.20.132.128	27357 (RACKSPACE) (RACKSPACE)
8 8	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
7 7	54.85.151.23 54.85.151.23	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
43	146.20.128.148 146.20.128.148	27357 (RACKSPACE) (RACKSPACE)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2 10	18.158.209.170 18.158.209.170	16509 (AMAZON-02) (AMAZON-02)
3	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
10	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a02:26f0:350... 2a02:26f0:3500:14::1724:a251	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:f0dc:d918:bf86:3244	14618 (AMAZON-AES) (AMAZON-AES)
1 1	154.57.158.49 154.57.158.49	26558 (FREEWHEEL) (FREEWHEEL)
5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
5	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
369	63

6 54.208.89.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-89-30.compute-1.amazonaws.com

pelotainvernal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:179 (United States)

ASN13335 (CLOUDFLARENET, US)

flower-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.231.228.184 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:6097 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-conectate.kiskoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-76.fra2.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.135.145 (None, )

ASN13335 (CLOUDFLARENET, US)

t.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 95.101.27.149 (Frankfurt am Main, Germany) 17 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-149.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.64.108.88 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-108-88.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.207.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-207-116.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.34.106 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 106.34.241.35.bc.googleusercontent.com

c.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 146.20.128.166 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:a800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.214.223.115 (Groningen, Netherlands) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 146.20.132.128 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:678:cb4:bbbb::11 (United Kingdom) 8 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.85.151.23 (Ashburn, United States) 7 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-151-23.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 146.20.128.148 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.158.209.170 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-209-170.eu-central-1.compute.amazonaws.com

eu.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:14::1724:a251 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

creatives.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:f0dc:d918:bf86:3244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.57.158.49 (United States) 1 redirects

ASN26558 (FREEWHEEL, US)

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
114	lkqd.net ad.lkqd.net — Cisco Umbrella Rank: 22754 v.lkqd.net — Cisco Umbrella Rank: 11551 cs.lkqd.net — Cisco Umbrella Rank: 2756 t.lkqd.net — Cisco Umbrella Rank: 18312 Failed	493 KB
43	stickyadstv.com 17 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 595 cdn.stickyadstv.com — Cisco Umbrella Rank: 5228	732 KB
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139	457 KB
31	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 ad.doubleclick.net — Cisco Umbrella Rank: 161 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	278 KB
23	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 690	25 KB
15	amazonaws.com s3.amazonaws.com	145 KB
12	sportradarserving.com 2 redirects eu.sportradarserving.com — Cisco Umbrella Rank: 61697 creatives.sportradarserving.com — Cisco Umbrella Rank: 64149	92 KB
8	turn.com 8 redirects ad.turn.com — Cisco Umbrella Rank: 710	3 KB
7	stackadapt.com 7 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 651	2 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2835	9 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	119 KB
6	loopme.me 6 redirects csync.loopme.me — Cisco Umbrella Rank: 752	1 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	261 KB
6	pelotainvernal.com pelotainvernal.com — Cisco Umbrella Rank: 478236	29 KB
5	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 273	2 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	1 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	2 KB
5	4dex.io script.4dex.io — Cisco Umbrella Rank: 1884 mp.4dex.io — Cisco Umbrella Rank: 1980 c.4dex.io — Cisco Umbrella Rank: 5846	25 KB
5	seedtag.com t.seedtag.com — Cisco Umbrella Rank: 13646 s.seedtag.com — Cisco Umbrella Rank: 5800	135 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	63 KB
4	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 482 dsum.casalemedia.com — Cisco Umbrella Rank: 1324 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513	4 KB
3	spotxchange.com search.spotxchange.com — Cisco Umbrella Rank: 490	4 KB
3	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 22938 a.vidoomy.com — Cisco Umbrella Rank: 8039	5 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8549	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	3 KB
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 335	279 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 497	717 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 958 id5-sync.com — Cisco Umbrella Rank: 413	17 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 939 pixel.quantserve.com — Cisco Umbrella Rank: 666	10 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	541 B
2	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 462	6 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1148 cs.media.net — Cisco Umbrella Rank: 1387	1016 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 23217 cdn.firstimpression.io — Cisco Umbrella Rank: 23306	96 KB
2	kiskoo.com cdn-conectate.kiskoo.com — Cisco Umbrella Rank: 192086	3 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	36 KB
2	flower-ads.com flower-ads.com — Cisco Umbrella Rank: 861580	165 KB
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 707	759 B
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2993	485 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 955	183 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	378 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 637	13 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 868	1 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 210	12 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 581	405 B
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1353	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	701 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	43 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 686	30 KB
369	50

	Domain	Requested by
43	t.lkqd.net	ad.lkqd.net
37	cs.lkqd.net	ad.lkqd.net
33	ads.stickyadstv.com	17 redirects pelotainvernal.com ad.lkqd.net cdn.stickyadstv.com
23	onetag-sys.com	flower-ads.com cdn.jsdelivr.net f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com onetag-sys.com pelotainvernal.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com
18	v.lkqd.net	ad.lkqd.net
16	ad.lkqd.net	pelotainvernal.com ad.lkqd.net
15	s3.amazonaws.com	pelotainvernal.com
15	pagead2.googlesyndication.com	pelotainvernal.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net pelotainvernal.com
10	cdn.stickyadstv.com	ad.lkqd.net cdn.stickyadstv.com
10	eu.sportradarserving.com	2 redirects onetag-sys.com eu.sportradarserving.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net flower-ads.com f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
8	ad.turn.com	8 redirects
7	sync.srv.stackadapt.com	7 redirects
7	cm.g.doubleclick.net	2 redirects pelotainvernal.com
6	csync.loopme.me	6 redirects
6	www.googletagservices.com	pelotainvernal.com googleads.g.doubleclick.net f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
6	pelotainvernal.com	pelotainvernal.com
5	s.amazon-adsystem.com	pelotainvernal.com
5	match.adsrvr.org	pelotainvernal.com
5	x.bidswitch.net	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com
5	cdn.jsdelivr.net	pelotainvernal.com securepubads.g.doubleclick.net f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
4	gum.criteo.com	2 redirects static.criteo.net
3	search.spotxchange.com	ad.lkqd.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	mug.criteo.com	pelotainvernal.com
3	t.seedtag.com	flower-ads.com t.seedtag.com
3	f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	fonts.googleapis.com	pelotainvernal.com googleads.g.doubleclick.net
2	dsum.casalemedia.com	2 redirects
2	eb2.3lift.com	eu.sportradarserving.com
2	sync.1rx.io	2 redirects
2	creatives.sportradarserving.com	eu.sportradarserving.com
2	c.4dex.io	pelotainvernal.com
2	s.seedtag.com	t.seedtag.com
2	ups.analytics.yahoo.com	2 redirects
2	a.vidoomy.com	pelotainvernal.com
2	fastlane.rubiconproject.com	flower-ads.com
2	script.4dex.io	flower-ads.com script.4dex.io
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn-conectate.kiskoo.com	pelotainvernal.com
2	cdnjs.cloudflare.com	pelotainvernal.com
2	flower-ads.com	pelotainvernal.com flower-ads.com
1	dsum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	cs.media.net
1	1f2e7.v.fwmrm.net	1 redirects
1	partners.tremorhub.com	eu.sportradarserving.com
1	sync.targeting.unrulymedia.com	eu.sportradarserving.com
1	id5-sync.com	cdn.id5-sync.com
1	pixel.quantserve.com	pelotainvernal.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	rules.quantcount.com	secure.quantserve.com
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	secure.quantserve.com	t.seedtag.com
1	ib.adnxs.com	flower-ads.com
1	mp.4dex.io	flower-ads.com
1	prebid.media.net	flower-ads.com
1	ap.lijit.com	flower-ads.com
1	htlb.casalemedia.com	flower-ads.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ads.vidoomy.com	flower-ads.com
1	widgets.outbrain.com	pelotainvernal.com
1	ad.doubleclick.net	pelotainvernal.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ecdn.firstimpression.io	pelotainvernal.com
1	www.googletagmanager.com	pelotainvernal.com
1	code.jquery.com	pelotainvernal.com
369	74

This site contains links to these domains. Also see Links.

Domain
www.conectate.com.do
emisorasdominicanasonline.com

Subject Issuer	Validity	Valid
pelotainvernal.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2022-11-27` - `2023-12-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
ad.lkqd.net R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-28` - `2023-04-28`	a year	crt.sh
c.4dex.io GTS CA 1D4	`2022-11-07` - `2023-02-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-27` - `2023-07-18`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.sportradarserving.com Entrust Certification Authority - L1K	`2022-09-30` - `2023-10-15`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-12` - `2023-02-12`	a year	crt.sh
tracker.ads.sportradar.com R3	`2022-11-23` - `2023-02-21`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh

This page contains 52 frames:

Primary Page: https://pelotainvernal.com/
Frame ID: 6067FFFBA7F9A39396045977143C9AC2
Requests: 117 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 8B33E0A10C712C51BECD4518457A8C2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671508883&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671508883174&bpp=19&bdt=167&idt=405&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&correlator=7790105034525&frm=20&pv=2&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44779793%2C44780792&oid=2&pvsid=418215545120311&tmod=670460178&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NoslnPbUj6&p=https%3A//pelotainvernal.com&dtd=441
Frame ID: 377047CE47306A9B2DB71FC4E7EC5396
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671508883&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671508883204&bpp=4&bdt=198&idt=508&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=7790105034525&frm=20&pv=1&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44779793%2C44780792&oid=2&pvsid=418215545120311&tmod=670460178&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Gys0a7tQEv&p=https%3A//pelotainvernal.com&dtd=527
Frame ID: A54D0DB569C7BFA072A504C7055BAF60
Requests: 11 HTTP requests in this frame

Frame: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 47750664306331F130012538E2C1C719
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1671508883&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671508883465&bpp=10&bdt=459&idt=396&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90&nras=1&correlator=7790105034525&frm=20&pv=1&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44779793%2C44780792&oid=2&pvsid=418215545120311&tmod=670460178&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=433
Frame ID: DA5C4B20201F5D754902093E80D566CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9BFC8356D167C28FC2876FF6748DBDD8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6251F15EC016920ADA0FFDA5835D7B62
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 9BAC7781F2901C2F50563CCFEF3EA1C7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 846A239C514503C10654471AF7F2E992
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: E2908F40E89C059E542AE3BCB22C6382
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: C49EB5FE7D73A8C1912C17C5EAB41050
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 97E14600736CBE0E6B469DE8F3B75751
Requests: 2 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 85C4C993DCBC9189484C6D36E5DBC78E
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 65477E104DC8212890F4A8057978F52C
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 2FEDE060FDBFC65528A226D78D008252
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 880A597525339396E75DA2325B39F462
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: CB9E361612276A6008C70FDDACE987D3
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2EA1FCEB36B0A27B722494C7EC6B3D64
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 09763A44786A3878D390F4386A5DAA74
Requests: 2 HTTP requests in this frame

Frame: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F56D7E10C46C9B4458D58D4AB3437660
Requests: 8 HTTP requests in this frame

Frame: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD38DF3E133EB4421665547393B36729
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com
Frame ID: EE427F958411BA08AFB4C988000C382D
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: E53689127347FD9D1EC38ECAA6E44953
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6BF9952136F0DDFDEF77D8D34BBE3210
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.22
Frame ID: B26EDB93EDFB1D098995AA090F7E49BB
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.22
Frame ID: 2536F7228679367E3BB060A17A5E20D1
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/static/creative-sandbox.html
Frame ID: 8D174D30506BBB6AADFDC04CA2C9BB6B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/static/creative-sandbox.html
Frame ID: D3B8C59104F6F3B18961DF03196771A4
Requests: 1 HTTP requests in this frame

Frame: https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D
Frame ID: A5015A75805A184F890AA78BB0D30EA1
Requests: 7 HTTP requests in this frame

Frame: https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D
Frame ID: 53ED101297AFBFAFACCB8621EFA50514
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: EA493D75AFBD921F1C0E0BD8B04B9869
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5CA1302A2631A39C957C43B842D1F576
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A692F25164FF8FCAD35A45628470F6F3
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 557C5CBEDED072DD52EF6C8B3AF58BA4
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 1776E827DF5F18FFDFCFA3A59E6122F9
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6615852C4C64E4437E405632FCBD5B45
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 16C16ED9EAC53B357B132B8130AB5EB6
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 8FFAAE96F5DD22B8C9A2CD420CF04819
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9FF51BC109A37CABF4D1513CC2733145
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: BFCE023DA874BEEF7A85E949F38625C0
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 92A490CE8E4474F041C4ED7EB8230A1A
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 21685387217BE0276C2F07C079451B0C
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 85C657C3D599A2155A7F6D3144238962
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 8816C768AC77CF317DC19E1B9BC8DEA1
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 5A6DFA0CC3CA3EF7E3F1339BF9AD3E84
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A602E95AB475EBEC7AEBBD34812D6A9F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: F490CDAA1621400FC920C225D1FBBE38
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: F6E6B9A7258923630D82802B1A356AB3
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 8B079914729239C750AFEB886C459E26
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: EAC466EEF9C3B3411F0F5441861DD630
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 3501E17FC30DD15529515A5A1C3A27BA
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PelotaInvernal.com | Resultados, Calendarios y Posiciones

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

369
Requests

84 %
HTTPS

46 %
IPv6

50
Domains

74
Subdomains

63
IPs

8
Countries

3324 kB
Transfer

9253 kB
Size

54
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.conectate.com.do/articulo/campeones-beisbol-invernal-dominicano/?swcfpc=1
Title: campeón del torneo invernal Dominicano

Search URL Search Domain Scan URL

URL: https://emisorasdominicanasonline.com/
Title: EmisorasDominicanasOnline.com

Search URL Search Domain Scan URL

URL: https://www.conectate.com.do/articulo/estadio-quisqueya-santo-domingo-republica-dominicana/
Title: Estadio Quisqueya Juan Marichal de Santo Domingo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=D2RqdXxpODV3OGhCKzNFSjFLejcxMmREa25wek5OYmpCaDVnbndRQm9kV3lMbDRkaTV4N1cxYXVXWXl1MHRFV1NvOWVQdUQydUtxUTFHa0s4cmhUdjdMYUpNOGtpbzRmYnhMaCtjTVF2L0UwMlRMZzdCaWtuV2VqQ2szMXdWY2N3ZFFaUitjSStGb3hQRFA0ZnhJNTRHZmdBUTFKbDlNb3hYVG41VW1CR3VIMnlKdHU5RDd4SWg1Y2RRa3FpeWpnKzBUN2tiNVRBWmt5eTJLK0F6RXVKblA0SU5NYi9sbE11Y1FEZEdvNGhUSzFqYlRDRXRydTdYT2FBTHhTWVNxWFcxTmVTfA&cppv=2

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=792084949.5640641441120050.1603321 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=792084949.5640641441120050.1603321 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=59581c88-802c-4288-8832-6135eb3e7eb9&google_hm=NTk1ODFjODgtODAyYy00Mjg4LTg4MzItNjEzNWViM2U3ZWI5 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOZMmhLzd9ojr0I-ap6yWFM&google_cver=1&ssp=vidoomy&bsw_param=59581c88-802c-4288-8832-6135eb3e7eb9 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=59581c88-802c-4288-8832-6135eb3e7eb9

Request Chain 106

https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58610/occ?verify=true HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-R6Ib_aRE2uGlFSCyoZAiUDo1fR83NCKNRSr07PM-~A

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 135

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=46aada8b-ed06-4212-8d10-832e62d8f1c8

Request Chain 138

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3997045560893824295

Request Chain 139

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=J2-Uu8g4Q-hPdRv-T_sIR5JGdVQ

Request Chain 140

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=cd2e1732-397f-4e96-9281-a65d47c77ab1

Request Chain 143

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

Request Chain 144

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

Request Chain 173

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=IY78gl9CbzM3UmRVVSUyQjlyVld6ZDdmcGhwVjhtREo4SFc0TiUyQnBEcm5raFhpRUN2UGpDcURYanROSUJTWnB1eGxBNUpuVSUyRm56bUxYazRWc2tDZlVObUg0QjBDc2dQJTJCTmIzQWo1VU9hdHl3VzFqSkx0Y2h6eWVldG9pYk1kcVoxTlNrZjBO&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=cyO0kHxhTTBnYlhoNkxqeERoNVBVVmRLQWw3bXNROEluM0ltcGRkblgxaWlNRXd1anhVZTBHcG5ObGJ2QUZOYnFOZGpHazloWDlLWTZaeTlMZmJrY1B6clZGbGEreXRsak9pa1MzT0VpanhSNHY0ZGJ5ZXVHSTZPSE85c3JaNkEwZUFnVkRJeGF4OEhvYTl5cDdnN3pZR0hJeDB2Ti9IbnVMSEFRelhoUkkvc2xxNVNzOUFSS2k4RkJZZTFtZ3FyaXR3QjMrYlBkY1hhdnBQYTNXSHBLcUVuQnJ1djdoOGJlMTdEYnczYVBTS1V0bmVLcDAvNmV2eFNEVHVzcEJ2bVRlOHpUUTgyTENneHB2S1VuaTFRcTdDcU9Td3IraHQzbDlPZ0c0S0N2K2VUQ0x5TT18&cppv=2

Request Chain 182

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

Request Chain 183

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

Request Chain 184

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=96ea7f0f-93a2-48ac-a946-1e346765bf60

Request Chain 196

https://eu.sportradarserving.com/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D HTTP 302
https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D

Request Chain 199

https://eu.sportradarserving.com/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D HTTP 302
https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D

Request Chain 209

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1da418b4-fac2-4ca4-904a-4a3ef5d65f83 HTTP 302
https://sync.1rx.io/usersync/bidswitch/59581c88-802c-4288-8832-6135eb3e7eb9?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/59581c88-802c-4288-8832-6135eb3e7eb9?zcc=1&cb=1671508888357 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-6e6a2204-7e1f-49dc-afd8-fea9eeebb89c-003

Request Chain 212

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1da418b4-fac2-4ca4-904a-4a3ef5d65f83 HTTP 302
https://partners.tremorhub.com/sync?UIBS=59581c88-802c-4288-8832-6135eb3e7eb9

Request Chain 219

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=3f8db5bbeba5994b18ec076cacf1b8d&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g089_7179076008933868593&gdpr=0&gdpr_consent=null HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBR1u5jwlb_aowOhNaIdMqU&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 224

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 225

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 240

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
https://p.rfihub.com/cm?in=1&pub=2079&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922980446165

Request Chain 245

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=a73a1958-da64-4534-9435-3ce253ef4056

Request Chain 248

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

Request Chain 249

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

Request Chain 261

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 265

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 267

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 282

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d5f36639-70f2-40d6-a733-49a031b1b0c0

Request Chain 285

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

Request Chain 286

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

Request Chain 296

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 302

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 304

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 314

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

Request Chain 315

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

Request Chain 316

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d2371f7a-f3d9-4aa2-af9f-b4cc60b7f2c8

Request Chain 327

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 331

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 333

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 343

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b338571a-ef83-4df4-90bd-96fbd03e6414

Request Chain 346

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

Request Chain 347

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

Request Chain 358

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 364

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 366

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 375

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c3646b22-0298-4af6-9142-2d928c06068b

Request Chain 378

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

Request Chain 379

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

369 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pelotainvernal.com/ 80 KB
16 KB 405ms
193ms Document
text/html 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 48b4c71365efa44df7c705f5ca9229a5f0028a5a6eef612eebedb9c66cfba6f0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:22 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/ 160 KB
25 KB 46ms
15ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/bootstrap.min.css

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 23654353
x-jsd-version: 5.1.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19162-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"28033-Lut6yvcPnqX8AiDhXoU9TgvRAp8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKlJMgXDuhFtbN4rOgnXMIi4brsskFrcmCylyBHLHCskzPo%2B2y9g7ubckdVZCqVKNkCcWSyVoRzjHUXlCpQdiRb26BoNfv0iewL2si2Go7pgge%2Fkq7%2B653ztA%2FiBB5Ay9iLFQXiCiQb4tt3IrrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77c579f70a2a924f-FRA

GET
H2 200 responsiveslides.css
pelotainvernal.com/vendor/slider/ 490 B
421 B 100ms
97ms Stylesheet
text/css 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/vendor/slider/responsiveslides.css
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2017 10:38:14 GMT
server: nginx
etag: W/"59dca316-1ea"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 site.css
pelotainvernal.com/css/ 18 KB
4 KB 113ms
110ms Stylesheet
text/css 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/css/site.css?v=2.50
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: gzip
last-modified: Sun, 26 Dec 2021 10:53:15 GMT
server: nginx
etag: W/"61c8499b-4711"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 47ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:20:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 04:01:23 GMT

GET
H2 200 smart-app-banner.css
pelotainvernal.com/js/smartapp/ 6 KB
1 KB 100ms
98ms Stylesheet
text/css 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/js/smartapp/smart-app-banner.css
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 12:50:23 GMT
server: nginx
etag: W/"5bc8818f-17b9"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 80ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

455d232ae6054856f28cb23b34ba060fd65341cf21dd7a5c9dfa93722752a2c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49636
x-xss-protection: 0
server: cafe
etag: 3795193933692633169
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 04:01:23 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 82ms
18ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27544
x-xss-protection: 0
server: sffe
etag: "1426 / 412 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 20 Dec 2022 04:01:23 GMT

GET
H2 200 pelotainvernal.js Show response
flower-ads.com/tag/pelotainvernal/ 231 KB
68 KB 757ms
707ms Script
application/x-javascript 2606:4700:20::681a:179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3620d28357207cd4b8092fe728bed5a606c78c07d4043ed225b7c3e8e58fa731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 30 Nov 2022 14:17:03 GMT
server: cloudflare
etag: W/"39a62-638765df-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsGUXeQy9JSfTogpPo7DdX%2FJ81XJJT1wnRjz5dasPazNIdakENyqjE8OSqs23%2FYuCq5EqENIUgLrfpmiM%2FsXoY6p2k8ivl%2FcVxlsNMozj3wUpAF0FkT8yDS9P8ZHQg1hbEEqOW%2FL5ybqAeqp"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=300
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 77c579f82ab68ffb-FRA
expires: Tue, 20 Dec 2022 04:01:54 GMT

GET
H/1.1 200
OK 7902d366eeaba88fdaf00c9aad70217a.png
s3.amazonaws.com/cdn.baseball-new.com/ 4 KB
5 KB 342ms
115ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/7902d366eeaba88fdaf00c9aad70217a.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Sun, 22 Nov 2020 13:46:40 GMT
Server: AmazonS3
x-amz-request-id: EQ6QXB57P60DQ738
ETag: "883334535bb63d443032135b065e0884"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 4585
x-amz-id-2: +k/b/sJS+HOHYU9L5sE4KSzlUR8VRO/RRePa+GZ88AyP9wIi8x9BDDKv23164USwwOFPf7+H08Q=

GET
H/1.1 200
OK f0fb0b8bc2a38afca24fa01fd5f74635.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
12 KB 348ms
122ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/f0fb0b8bc2a38afca24fa01fd5f74635.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Sat, 14 Nov 2020 22:58:57 GMT
Server: AmazonS3
x-amz-request-id: EQ6XMR0WVYYYTWAV
ETag: "c8fac8558e3e9e13ca76375e6b1e95fa"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11566
x-amz-id-2: HIQFa4fGoaeMIYgCjN0OyBEwFng1lmpBliR6vENb18BvfFkjRA6tiGL2gyiaj2BiQHEjbePRa0I=

GET
H/1.1 200
OK bc83c5669a23ea41ef5f755bfbd50ebd.png
s3.amazonaws.com/cdn.baseball-new.com/ 12 KB
13 KB 343ms
117ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/bc83c5669a23ea41ef5f755bfbd50ebd.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:20 GMT
Server: AmazonS3
x-amz-request-id: EQ6KEG1WE20F8GXX
ETag: "97c26d2ba9057f036660b0f2c8b181ab"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 12564
x-amz-id-2: VQ/j2ALPLdbIO77uoPKQvxoV/KCALtUMozNrKl2WIhiTOYG9VcHB8sqhFfTNJLB2Bl5+Bp0aHAA=

GET
H/1.1 200
OK 0d180431331e93a791f23a77d4b94122.png
s3.amazonaws.com/cdn.baseball-new.com/ 12 KB
12 KB 333ms
117ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0d180431331e93a791f23a77d4b94122.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:14 GMT
Server: AmazonS3
x-amz-request-id: EQ6R8N1RB8101CV6
ETag: "1fc02092dc83a776e055b8df83f64b50"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11790
x-amz-id-2: PV9hVnRSuesYEyVfA2k2Z+zbwFutCIlJkChpIw2pc1Kw8Sudj3m38SpNiJVj0+D7vVpCYq4lHGk=

GET
H/1.1 200
OK 3657a463e594aec7d83697355ad2e541.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 324ms
118ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/3657a463e594aec7d83697355ad2e541.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:02 GMT
Server: AmazonS3
x-amz-request-id: EQ6H26A6KMX7V4C2
ETag: "1375b3cdbbeb3aa10a2abef1543beafd"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 11177
x-amz-id-2: 2P4A31UympJkuQOho5RzkLeJoc2nhU8ZUQSNoNMDiAMqhrBwuORl0mhFSF9pbKm1bYhOPOSDirk=

GET
H/1.1 200
OK d8b8a0a312b685f33e63d453b0d2db83.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 408ms
110ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/d8b8a0a312b685f33e63d453b0d2db83.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Sat, 14 Nov 2020 22:59:09 GMT
Server: AmazonS3
x-amz-request-id: EQ6ZVCGY56J5P7N1
ETag: "d00fe6039c67811cd9e76529a3d298df"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10968
x-amz-id-2: webarh8nGK9WLew2H73pNmRQNLwcGsevpjQW4RVEms3RkSZO1uoTmxSkxNWlj7nzwEP2cyihDh8=

GET
H/1.1 200
OK 9888ecc384811ab5781b0310ae9401a9.png
s3.amazonaws.com/cdn.baseball-new.com/ 11 KB
11 KB 180ms
135ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/9888ecc384811ab5781b0310ae9401a9.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Sat, 14 Nov 2020 22:58:50 GMT
Server: AmazonS3
x-amz-request-id: EQ6WECZZ0307CFR4
ETag: "25b21a978a769c711a8cc5c6fe2b22a9"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10966
x-amz-id-2: ucQonOqSgK2ppXBfs7Sl/dw3e9DsqkMUxXCQ0RtyVpn3lV+DMvMkON7xc5HFKgigWs2E2TdPSnI=

GET
H/1.1 200
OK c7c5d314bd780195ca2739e007b04e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
10 KB 114ms
112ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/c7c5d314bd780195ca2739e007b04e63.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Tue, 15 Dec 2020 13:21:55 GMT
Server: AmazonS3
x-amz-request-id: EQ6Y1YRACEMVGYDE
ETag: "344653c6dda80cd480444be1aef2a807"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10027
x-amz-id-2: HIwtZzKj2SSMGNoRIDaGTOVBxFlWTfTuLJ9SQWRSZbgFlgDtIApN27Si+j1bcuaqkfTTbNcxBC0=

GET
H/1.1 200
OK 8f6f2a20b0b9cd88bcff3b93bdd9c615.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 124ms
122ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/8f6f2a20b0b9cd88bcff3b93bdd9c615.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:04 GMT
Server: AmazonS3
x-amz-request-id: EQ6SAAZD4FBNZK1V
ETag: "f372c04545a398bbcfd0256f8e49d1ac"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7971
x-amz-id-2: B6HZj+/a1KJY+yyGbTw+jxmm02y+ShEf5NkgmeHEFpOXqPzSJGjRslywpnNM7LopndGUsQO6e88=

GET
H/1.1 200
OK fa5ccb26f0dc095843644942bde4b7cd.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
10 KB 148ms
120ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/fa5ccb26f0dc095843644942bde4b7cd.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:20 GMT
Server: AmazonS3
x-amz-request-id: EQ6YVQAM5C7JHYV0
ETag: "687caec8c60c4146282dc57feb116506"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 9897
x-amz-id-2: vqTHjIUINzZ+LJl8LRnIBDi2P0ZJsmL6eS9PGfe2Ui4vrrFY+pnWHt3a84YunrXRsbJiDtOEb5c=

GET
H/1.1 200
OK 0ac73fe9baac5a44d5760cf8eca6394f.png
s3.amazonaws.com/cdn.baseball-new.com/ 10 KB
11 KB 290ms
109ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0ac73fe9baac5a44d5760cf8eca6394f.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Sat, 14 Nov 2020 22:57:44 GMT
Server: AmazonS3
x-amz-request-id: EQ6TFKGXSWJ9J5TN
ETag: "757f209841921bd84efe00e6415c5118"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 10369
x-amz-id-2: NN7z1YshjvFtUy73NQDwxSwZAJJq5/bwOiSGGuOaR+a8iSz6tp86tWJ1oVgQrQW1XIIGnc5LNOA=

GET
H/1.1 200
OK 4a9533cbf5e05f2abc7515331906d891.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 135ms
121ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/4a9533cbf5e05f2abc7515331906d891.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:12 GMT
Server: AmazonS3
x-amz-request-id: EQ6XXDKD4FEWXVCV
ETag: "aad87560e4512c4693466db607703d76"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 8155
x-amz-id-2: j1HVhEQPG0Tp1l1u2cMDTA7mSeavtx+fA0oTOfdorlbxZN9hmt4+xGp4f8g+UQcujHY9MhJXy1g=

GET
H/1.1 200
OK 45017492450cd1f4a0003643f186f5a3.png
s3.amazonaws.com/cdn.baseball-new.com/ 6 KB
7 KB 124ms
111ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/45017492450cd1f4a0003643f186f5a3.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:30 GMT
Server: AmazonS3
x-amz-request-id: EQ6NVV5SH8RNVVPR
ETag: "d5e4057bad41787bb08c8c943e446a95"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 6654
x-amz-id-2: 0uacFohq5KGhhm8cR/fcQCNRW8szx0QiWboWunulCpAfacdGB22FmpPHPh9shEeyrAlGLdrjRLg=

GET
H/1.1 200
OK 0ac7c75550df48fba0d82e80f05a0e63.png
s3.amazonaws.com/cdn.baseball-new.com/ 7 KB
8 KB 126ms
112ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/0ac7c75550df48fba0d82e80f05a0e63.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Tue, 15 Dec 2020 13:22:47 GMT
Server: AmazonS3
x-amz-request-id: EQ6WR6E4J063FGYX
ETag: "e5144af4c4398b7856b08750c111a29f"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7432
x-amz-id-2: R4t2qZjcwSwNPCCb0mtvJVOfKwdIQ+SxfFfxpVA4DHiGoIHMX9ba+Ra+SqNqYTBZJJs4pF3HkH4=

GET
H/1.1 200
OK b91a8061b0b3557371fed15068f48586.png
s3.amazonaws.com/cdn.baseball-new.com/ 8 KB
8 KB 122ms
109ms Image
image/png 54.231.228.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.baseball-new.com/b91a8061b0b3557371fed15068f48586.png
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.228.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:24 GMT
Last-Modified: Fri, 28 Oct 2022 15:31:56 GMT
Server: AmazonS3
x-amz-request-id: EQ6HRHGDWCPPYHTW
ETag: "780b528b59b0bc2a422527bb6507da39"
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 7952
x-amz-id-2: RREgK+qXAKAQzrD78sfkZZVFO7LNfB3eDNKcW6jaqL0cmtkoMpkyzwZY7fD7ZplCKEDQN6Qoorc=

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 59ms
16ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: gzip
x-sp-metadata: HS256.CKODhZ0GEo4BCiQ4Y2FkM2Q0Mi0yYzU5LTQ2N2YtYTA5Ny0wNTc4ZTRjOWYzMzUQ+OiCoKvU+wIaBgiT54SdBiITMjAwMTphYzg6MjA6MjcxOjoxZSj67gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGMyMjM0YzkyLTk3MGUtNDBmYi04MjlkLThkNzIzZjVjZTRmMhit6wEiGAgCEhRjZHMxMzMuZnI4Lmh3Y2RuLm5ldA==.TxOeaWHk35o4w3gs1yWehiqMMvgaTCT6n62hkjCnlxU=
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15283"
vary: Accept-Encoding
x-hw: 1671508883.dop149.fr8.t,1671508883.cds265.fr8.hn,1671508883.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/ 58 KB
17 KB 25ms
24ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/bootstrap.min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12524881
x-jsd-version: 5.1.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19179-FRA, cache-itm18842-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"e753-WcAbHa+/9xO8ID8ILaCWP92iBPQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=da4UVaAeqiND8J1qvNZ0jFXx6wE3M%2B%2F1JtiXX9%2BzMESeLQ%2FZtEzDUiGJ38WP2%2FWDq4cfvOElxf9A7zLfWvc%2B7lK0VL1qLSOQYVkZ8i%2Ffv%2F6pz6it0vHj4IaplSY3ptdzSSr736TTmRxx4ZQ75BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77c579f79aab924f-FRA

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ 50 KB
16 KB 58ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 633195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15476
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c909"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQ1H4i%2F8dURR4u35EBs9I1ZQpkFfnjeQ2vi3bfB9sDLlSVVSLy0GJ1E68syFhIiL2EOBkNevukDW6q65LugUkliwaH9V06kY9I6yxmwDWYxCbrLHksfekTDDbpf%2FVzUbCB%2FFv41H8cwSnO9BXOT09iID"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77c579f81dc892a7-FRA
expires: Sun, 10 Dec 2023 04:01:23 GMT

GET
H2 200 knockout-min.js Show response
cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/ 59 KB
20 KB 59ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/knockout-min.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2967447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19879
last-modified: Mon, 04 May 2020 16:11:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ecf-ebc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNUk%2B9H3KISCrB4QkoyfxCx%2FC%2Fi4VjB898Wf9ImLMSltL1p5MVbaWvQQ2MkOzkkFOQBrcGXOLmPPN0Jur%2BzHG4SCn2ifv5Cfvy1ZwsE%2FENNvhvaLAbEzvxFYzYAsiYlimMZZKHwlvp5oFPLhkq3g%2B9WL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77c579f81dca92a7-FRA
expires: Sun, 10 Dec 2023 04:01:23 GMT

GET
H2 200 knockout-switch-case.min.js Show response
cdn-conectate.kiskoo.com/web/js/ 3 KB
2 KB 64ms
16ms Script
application/javascript 2606:4700:3032::6815:6097
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-conectate.kiskoo.com/web/js/knockout-switch-case.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:6097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4G2353E2GRKFTK44
age: 2833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lIdrvtJc5BSW1a4bal8qYWtCTql58n9uNQWR2yYcIKsTxGZzYAP89okWg0U5F5hfzy2j0+HVRus=
last-modified: Sat, 13 Oct 2018 08:10:55 GMT
server: cloudflare
etag: W/"c6682e07d18a5a4b0209d9351134154e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gGYZ92shgLu8pTBcTWdwCajgv%2BCizpdB544HN3lPJVL9gY8yCXJFmhLXlWtg3n3jM%2BA3IgBlN0FLx%2FmaP8unN5%2FS59Q7JVEbZQVb2HWEw7Y79zHQeUntEWxkPHEDQDrpZmQ1NgeLXcZ1G1DkbPi5diq6eXKF8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77c579f82b84926d-FRA

GET
H2 200 game-socket.js Show response
cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/ 1 KB
1 KB 61ms
15ms Script
application/javascript 2606:4700:3032::6815:6097
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-conectate.kiskoo.com/modules/sport/frontend/assets/js/game-socket.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:6097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5W7A7N9HDZH1SSDN
age: 3992
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: gm2FgYdrX0LB0++3W9I25smEOVrjwjNDNCA3FXXvVFS0Q+O4T8e+faxNfNyk+lVjHjzmho7ns8g=
last-modified: Wed, 24 Aug 2022 17:10:05 GMT
server: cloudflare
etag: W/"0b6216bc1faa63361b5940d7cea9db21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2B8APt%2FDTkBjGS7iF6oL2M%2BkLliTFn%2F5jd91OiVU%2BXRm2yYFLFXIarZY4pYji5aDUaBenKbMa0LoVLoE9aCFjuTaPuI0OUFVBcRXMTF%2BQbqLaV0%2Fqpnttz05BS%2FmM4a6s9JK48OQaeqEvFeFcRaxNITFtRg9ZPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77c579f82b85926d-FRA

GET
H2 200 responsiveslides.min.js Show response
pelotainvernal.com/vendor/slider/ 3 KB
2 KB 110ms
98ms Script
application/javascript 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/vendor/slider/responsiveslides.min.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2017 10:38:14 GMT
server: nginx
etag: W/"59dca316-d44"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 smart-app-banner.js Show response
pelotainvernal.com/js/smartapp/ 17 KB
7 KB 111ms
99ms Script
application/javascript 54.208.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pelotainvernal.com/js/smartapp/smart-app-banner.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-89-30.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 12:50:23 GMT
server: nginx
etag: W/"5bc8818f-444b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 51ms
18ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-19230497-1

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

336182f1759d9bbb94d405eae118f13a00b5562e4253c9151d0f91e69801a4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43613
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Dec 2022 04:01:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 8B33 10 KB
5 KB 49ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38563
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 17:18:40 GMT
etag: 10353107486223812946
expires: Mon, 02 Jan 2023 17:18:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/ 355 KB
117 KB 78ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com&bust=31071277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

647131415201ca0045ff7838f0473a3f937ca5339e84b274975274f1516fe233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119726
x-xss-protection: 0
server: cafe
etag: 14593432417149111436
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 04:01:23 GMT

GET
DATA 200
OK truncated
/ 199 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 58ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pelotainvernal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 312390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 13:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 44ms
17ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pelotainvernal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 341514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 05:09:29 GMT

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Dec 2023 19:29:58 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 127 B
719 B 38ms
16ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pelotainvernal.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c54527742912dc24ffdbc35d926d8d76f016b8258e9ebb94dfb50a729d6901df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84
x-xss-protection: 0
expires: Tue, 20 Dec 2022 04:01:23 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 83ms
7ms Script
application/javascript 13.225.78.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-76.fra2.r.cloudfront.net

Software

nginx/1.20.0 / PHP/8.0.14

Resource Hash

fe8a6570027e23af6d729e24846f6602c7acc23543a11379cb440a6c8f0e7391

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 03:43:31 GMT
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified: Tue, 20 Dec 2022 03:43:31 UTC
server: nginx/1.20.0
x-amz-cf-pop: FRA2-C2
age: 1072
x-powered-by: PHP/8.0.14
etag: W/"e6472f1a0c3ec93ab64d1a0cb0d6d76a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: bLS3fQhizuvBPUw6o9SFFQTi2d72h56gtFudVR-rF11RNa6kD4Nurw==
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
701 B 159ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pelotainvernal.com&callback=_gfp_s_&client=ca-pub-3139134883708761&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3139134883708761&plah=pelotainvernal.com&bust=31071277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ef3afc49900acf681bc8da9379c406481c119b94ad0aca2ed9f8cbe5e5ef764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 84ms
0ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 65ms
22ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3770 88 KB
32 KB 362ms
294ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671508883&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671508883174&bpp=19&bdt=167&idt=405&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&correlator=7790105034525&frm=20&pv=2&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44779793%2C44780792&oid=2&pvsid=418215545120311&tmod=670460178&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NoslnPbUj6&p=https%3A//pelotainvernal.com&dtd=441

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa0ce63b2a5087913c6397603b996268423609e29101ec56d71daa78a1f32cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:23 GMT
expires: Tue, 20 Dec 2022 04:01:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 115ms
2ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-19230497-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 03:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2206
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 20 Dec 2022 05:24:37 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A54D 96 KB
32 KB 310ms
300ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671508883&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671508883204&bpp=4&bdt=198&idt=508&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=7790105034525&frm=20&pv=1&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44779793%2C44780792&oid=2&pvsid=418215545120311&tmod=670460178&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Gys0a7tQEv&p=https%3A//pelotainvernal.com&dtd=527

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6861490ff123153e9cc582abc56ae5ad400add339d07b36b508ba49b59253198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32799
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:24 GMT
expires: Tue, 20 Dec 2022 04:01:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 553 B
312 B 102ms
61ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418215545120311&correlator=4465455025111272&eid=31070872%2C31071221%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=40135427%2Cpelotainvernal_Video_Intext&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=1276542802&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1671508883818&lmt=1671508883&dlt=1671508883007&idt=759&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac3a28bb64c45de399eab54bdabd6a8d24cf69b645c177cd13eb9d4c9890886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4775 6 KB
3 KB 123ms
20ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:23 GMT
expires: Wed, 20 Dec 2023 04:01:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
44ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpelotainvernal.com%2F&tn=NAV&id=w0&cls=navbar%20navbar-dark%20fixed-top%20bg-dark&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA5C 97 KB
34 KB 386ms
384ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&adk=1812271804&adf=3025194257&lmt=1671508883&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fpelotainvernal.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671508883465&bpp=10&bdt=459&idt=396&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100%2C728x90&nras=1&correlator=7790105034525&frm=20&pv=1&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44779793%2C44780792&oid=2&pvsid=418215545120311&tmod=670460178&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=433

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddcdd586cbbbd28c5b4a2c9b9ced92f17f7738885bccb0a9554f2cad4ff7331f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34991
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:24 GMT
expires: Tue, 20 Dec 2022 04:01:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 136ms
8ms Image
image/x-icon 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 09:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Dec 2022 09:21:53 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 163ms
35ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:24 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Thu, 19 Jan 2023 04:01:24 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 71ms
53ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=925227985&t=pageview&_s=1&dl=https%3A%2F%2Fpelotainvernal.com%2F&ul=en-us&de=UTF-8&dt=PelotaInvernal.com%20%7C%20Resultados%2C%20Calendarios%20y%20Posiciones&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1035901780&gjid=794574507&cid=1681588742.1671508884&tid=UA-19230497-1&_gid=1301188506.1671508884&_r=1&gtm=2oubu0&z=121353318

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3770 4 KB
621 B 69ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671508883&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671508883174&bpp=19&bdt=167&idt=405&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&correlator=7790105034525&frm=20&pv=2&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44779793%2C44780792&oid=2&pvsid=418215545120311&tmod=670460178&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NoslnPbUj6&p=https%3A//pelotainvernal.com&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 04:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:36:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 04:01:24 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3770 2 KB
818 B 113ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 3770 23 KB
10 KB 108ms
3ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3770 3 KB
1 KB 102ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 20:02:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3770 18 KB
7 KB 99ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3770 153 KB
47 KB 398ms
365ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:01:24 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 3770 34 KB
14 KB 63ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 09:05:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3770 0
0 72ms
55ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVkbXkzOhY9PVK4yr3gP24C2amNOBbuf9k72UEeiqtpWLAxABIK2Q9B5gleKQgqAHoAGisbydAcgBCakCiHal-GP3ST6oAwHIA8sEqgTOAU_QC7EJVWHZl_g4mC6gRjtgzefBQuRASkYsMuSEc6naCnMkgH9BIiSwJRbx03aNJOg50GjTRifGtb-s0SCiI02uyAl08fh1E7A0I8NaycQ7ZYjzXlPWHSyfIYBXOAOy0LPllPsCxpPCGa6oqos0v5rW4c8k_x_qYjgG3IO-414TJjHPRZGbHC-WLmW3RGXs8wpTOm6hgKp9Y9jo_IZUJNnGz11zr2oW8KuVSbD6dhqKzi1oSxVtnWZOE3SyHpLh7UE0mGFbHaxsZGGTH8YNwAS95q3BkgSSBQQIBBgBkgUECAUYBKAGLoAHxs7D4gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxC-XtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi0zMTM5MTM0ODgzNzA4NzYxGAA&sigh=9GV2DPvCMrY&uach_m=[UACH]&cid=CAQSGwDq26N9brtDd60hcHWJEjAT7tPwDxXdojrIUxgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=100&slotname=8815456802&adk=88850195&adf=2364240886&pi=t.ma~as.8815456802&w=1298&lmt=1671508883&rafmt=12&format=1298x100&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671508883174&bpp=19&bdt=167&idt=405&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&correlator=7790105034525&frm=20&pv=2&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=151&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44779793%2C44780792&oid=2&pvsid=418215545120311&tmod=670460178&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NoslnPbUj6&p=https%3A//pelotainvernal.com&dtd=441
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Dec 2022 04:01:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Dec 2022 04:01:24 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 93ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34fd432b7a129fd6d9599b585bcfc8cde51d7cfd47ad4f906f0b36ac359a562a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
server: sffe
etag: "1426 / 627 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 20 Dec 2022 04:01:24 GMT

GET
H2 200 prebid7.25.0.pelotainvernal.js Show response
flower-ads.com/tag/pelotainvernal/ 316 KB
97 KB 271ms
217ms Script
application/x-javascript 2606:4700:20::681a:179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=324455
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 18:22:14 GMT
server: cloudflare
etag: W/"4f367-6373d8d6-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mm0g9rcu9APyvqU%2F6%2BfVz8qeM5JCYw7173TlM1DcUmC1D4CACCRT4CjEphCyluuWNzjLPcKMRlVe1D%2BYZh13OfNbGHRcxtfueFMUX9EiZVUsxhSlsq59jcn8r0hay9%2BC2xhkWy7XqY5GPNJ4"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=300
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 77c57a01dd118ffb-FRA
expires: Tue, 20 Dec 2022 04:01:55 GMT

GET
H2 200 2717-2424-01.js Show response
t.seedtag.com/t/ 41 KB
13 KB 138ms
37ms Script
application/javascript 104.18.135.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/t/2717-2424-01.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.135.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a60b2b58d7356ab2c464b18de5fc1614f0c78c9068db9e897ff100da36725160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"a2e3-JsVm6jp31uW6gN5DpN0YBoTkhlM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 77c57a02ec519030-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 20 Dec 2022 04:21:24 GMT

GET
H/1.1 200
OK pelotainvernal_21072.js Show response
ads.vidoomy.com/ 4 KB
4 KB 444ms
129ms Script
application/javascript 3.19.54.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/pelotainvernal_21072.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/pelotainvernal.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 4cf46d6562ebb16a2d57abc90d66c4a4f9bbf9d19ad401fcffee2627eb77ad70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:25 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 3930

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/16626803198815653150/ Frame 3770 16 KB
16 KB 64ms
28ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16626803198815653150/6592766407814317453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c7167870d0b7e83e1ccf86c546e98a636bf84ad358450eff86d5be861499f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:33:26 GMT
x-content-type-options: nosniff
age: 145678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16695
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 18:42:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 11:33:26 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4341614275947446026/ Frame 3770 6 KB
6 KB 64ms
31ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4341614275947446026/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd1eb27ef618c453a405e4e3940704a552c52ddb46644a334371c74a9e5c104f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:19:56 GMT
x-content-type-options: nosniff
age: 88888
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6512
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 18:42:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Dec 2023 03:19:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A54D 8 KB
895 B 53ms
42ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671508883&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671508883204&bpp=4&bdt=198&idt=508&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=7790105034525&frm=20&pv=1&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44779793%2C44780792&oid=2&pvsid=418215545120311&tmod=670460178&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Gys0a7tQEv&p=https%3A//pelotainvernal.com&dtd=527

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 04:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 02:26:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 04:01:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A54D 2 KB
765 B 61ms
50ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A54D 23 KB
9 KB 44ms
34ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A54D 3 KB
1 KB 27ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 20:02:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A54D 18 KB
7 KB 47ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A54D 153 KB
47 KB 49ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:01:24 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame A54D 34 KB
14 KB 54ms
19ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 09:05:50 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 88ms
22ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19230497-1&cid=1681588742.1671508884&jid=1035901780&gjid=794574507&_gid=1301188506.1671508884&_u=YAhAAUAAAAAAACAAI~&z=907211849

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Dec 2022 04:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A54D 0
0 69ms
55ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjNgvkzOhY6fYLpmSjuwPtomIyAbJ6fq0ZuukzoDjDoKjp_OwHBABIK2Q9B5gleKQgqAHoAGN7OTZAsgBAakC3Dn6CcOUqD6oAwHIA8MEqgTQAU_QdEvbn2IxEZGOymFB2MaGeWM-vXVwUFt5XkjomoZmD16g6buhMebYi3SNEt9hVRucF0RfmhnDkfIxASMUasX32hEXcTPizvhrbPKEQG9CISR78zRTI3ELYOvej2NQPAlrzrahDuRmZJQ0F4QkF3Nc1oSe9etXsx6ImYxJr5YWKnI6ZqD9lVg2eO-gbSuEPAH4NjFY5BomZezDh-aVi7gpAYzR5kHE4ZLkLGo0XHoaFNxy9Q8TroMul_9xVnzFGRA3AHK1Dt2dKw7QCz28AnHABI2N6d-4A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZRgAfbk5umAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEMVB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzEzOTEzNDg4MzcwODc2MRgA&sigh=zrJtojuY5Wk&uach_m=[UACH]&cid=CAQSGwDq26N9IbPtKdM6NeiXR6XctlEtAc4qTg6tUxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671508883&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671508883204&bpp=4&bdt=198&idt=508&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=7790105034525&frm=20&pv=1&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44779793%2C44780792&oid=2&pvsid=418215545120311&tmod=670460178&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Gys0a7tQEv&p=https%3A//pelotainvernal.com&dtd=527
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Dec 2022 04:01:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/ 151 KB
51 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/reactive_library_fy2021.js?bust=31071277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c422479553afe51836b804de5f8e16d7cfaa9fafead477c0fed10b0dbc18b4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52378
x-xss-protection: 0
server: cafe
etag: 12091181048378146271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 04:01:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9BFC 143 B
166 B 46ms
12ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3139134883708761&output=html&h=90&slotname=7753640662&adk=1056406635&adf=406027746&pi=t.ma~as.7753640662&w=728&lmt=1671508883&rafmt=12&format=728x90&url=https%3A%2F%2Fpelotainvernal.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671508883204&bpp=4&bdt=198&idt=508&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1298x100&correlator=7790105034525&frm=20&pv=1&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44779793%2C44780792&oid=2&pvsid=418215545120311&tmod=670460178&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Gys0a7tQEv&p=https%3A//pelotainvernal.com&dtd=527
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 03:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3770 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9aaea47183f288f02277ccbbaa54601ed44d52588c875f5f8784ce79d74877be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A54D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d441dd6f2ae4acc218f9a0a83f1cb6f51f3f6ff2f6a7910a426f9253a4c58d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 st_3.67380afd2d6a27f4bb33.js Show response
t.seedtag.com/c/ 66 KB
21 KB 46ms
22ms Script
application/javascript 104.18.135.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_3.67380afd2d6a27f4bb33.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.135.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb9c5344328c276197498d83345b3172183680f060a46aa8356547a469083ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 39900
x-guploader-uploadid: ADPycdttrAA5KpUC3RRyXKwLjX0eQ5fUr43-zrhR6iMi265RkVb3uTugmL3bArvmI1kp8KGfnUXbbGZK9l5Z0D5sW6MPfq6fi6O-
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Dec 2022 16:56:21 GMT
server: cloudflare
etag: W/"c1937fa788daccccc0bebdf02a47a751"
vary: Accept-Encoding
x-goog-hash: crc32c=imydtw==, md5=wZN/p4jazMzAvr3wKkenUQ==
x-goog-generation: 1671468981951908
content-type: application/javascript
cache-control: public, max-age=31496100
x-goog-stored-content-length: 19734
cf-ray: 77c57a04f823bb8b-FRA
expires: Tue, 19 Dec 2023 16:56:25 GMT

GET
H3 200 st_2.3a6c01d6b1aa61ea9094.js Show response
t.seedtag.com/c/ 374 KB
100 KB 55ms
33ms Script
application/javascript 104.18.135.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_2.3a6c01d6b1aa61ea9094.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/2717-2424-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.135.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3f2148646b7fd2c8c2c3d1b64dc830f0d0a3716dfcf621b69bb555067fff47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 39900
x-guploader-uploadid: ADPycdvYbmf3vcLmxnce9m5vnyQrq1W78iaWwSMbXj-NOw6DhWYd_LKOaKY7Vam2MfsWgdFTsx1mLofG_Me3EY7OWn2kIyQHtnmE
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 19 Dec 2022 16:56:21 GMT
server: cloudflare
etag: W/"6eeb5c75156ede0e2e2ffc8b58b7a47a"
vary: Accept-Encoding
x-goog-hash: crc32c=+Mp1NA==, md5=butcdRVu3g4uL/yLWLekeg==
x-goog-generation: 1671468981993026
content-type: application/javascript
cache-control: public, max-age=5356800
x-goog-stored-content-length: 103552
cf-ray: 77c57a04f820bb8b-FRA
expires: Mon, 20 Feb 2023 04:01:25 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 84ms
19ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 20 Dec 2022 04:01:24 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 299663
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpelotainvernal.com%2F&domain=pelotainvernal.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=D2RqdXxpODV3OGhCKzNFSjFLejcxMmREa25wek5OYmpCaDVnbndRQm9kV3lMbDRkaTV4N1cxYXVXWXl1MHRFV1NvOWVQdUQydUtxUTFHa0s4cmhUdjdMYUpNOGtpbzRmYnhMaCtjTVF2L0UwMlRMZzdCaWtuV2VqQ2szMX...

364 B
669 B

114ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=D2RqdXxpODV3OGhCKzNFSjFLejcxMmREa25wek5OYmpCaDVnbndRQm9kV3lMbDRkaTV4N1cxYXVXWXl1MHRFV1NvOWVQdUQydUtxUTFHa0s4cmhUdjdMYUpNOGtpbzRmYnhMaCtjTVF2L0UwMlRMZzdCaWtuV2VqQ2szMXdWY2N3ZFFaUitjSStGb3hQRFA0ZnhJNTRHZmdBUTFKbDlNb3hYVG41VW1CR3VIMnlKdHU5RDd4SWg1Y2RRa3FpeWpnKzBUN2tiNVRBWmt5eTJLK0F6RXVKblA0SU5NYi9sbE11Y1FEZEdvNGhUSzFqYlRDRXRydTdYT2FBTHhTWVNxWFcxTmVTfA&cppv=2

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d9aaf26488aae1cc952285c7f41b85a67066f174171e153afd2d16e7b192600b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 682234
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=D2RqdXxpODV3OGhCKzNFSjFLejcxMmREa25wek5OYmpCaDVnbndRQm9kV3lMbDRkaTV4N1cxYXVXWXl1MHRFV1NvOWVQdUQydUtxUTFHa0s4cmhUdjdMYUpNOGtpbzRmYnhMaCtjTVF2L0UwMlRMZzdCaWtuV2VqQ2szMXdWY2N3ZFFaUitjSStGb3hQRFA0ZnhJNTRHZmdBUTFKbDlNb3hYVG41VW1CR3VIMnlKdHU5RDd4SWg1Y2RRa3FpeWpnKzBUN2tiNVRBWmt5eTJLK0F6RXVKblA0SU5NYi9sbE11Y1FEZEdvNGhUSzFqYlRDRXRydTdYT2FBTHhTWVNxWFcxTmVTfA&cppv=2
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 398801
content-length: 0
expires: 0

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1017 B 77ms
24ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:25 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2287814
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGa4sMwg6TcUueP6xIh5P23lfI7py255zBlX45XXTPC52YMJ3z3S7z2VcdBS0Zq%2BMOE9c8G8RarkeFh%2BWeEo1lSqzhduCJ4MlENik3SlTuwYhsC1LNZkrYw9NjzuL8wksF18r7mn1F7QF2UW"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 77c57a05d9f29094-FRA

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3770 15 KB
16 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 341516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 05:09:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3770 15 KB
15 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 312392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 13:14:53 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A54D 28 KB
28 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 17:04:17 GMT
x-content-type-options: nosniff
age: 125828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 17:04:17 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 37ms
20ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
19ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 6251 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 14:10:33 GMT
etag: 10353107486223812946
expires: Mon, 02 Jan 2023 14:10:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BAC 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 10:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 10:55:03 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 1 KB
1 KB 170ms
122ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=910000
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95d29331c4b50e5830ad88d24ac216e62219369f21be660bed60fe46997a7aeb

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7ccRLDskXCdTZYBbO0SyFSZAYJY9qcYBFBSvhDKg9G0zEhbhNpIymWUBkD3V7ia%2F0Pd0SWOgIHQh%2FjIegNZF4utHrKg89hOGORjCZhojPFXRjzpy%2B1H3bX3CBlVvh%2FvE7QFA5qe"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c57a06d8fc9122-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
405 B 366ms
24ms XHR
application/json 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.25.0
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 277a735a69daa581268854820e7cfbaa5b73179d007e0e49aa41f3cb76af70d2

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 20 Dec 2022 04:01:25 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://pelotainvernal.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 prebid-request Show response
onetag-sys.com/ 8 KB
5 KB 452ms
143ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

6da26eb5365137524cbccd79c3477776da39c6b410cebaca4e83bdce87555893

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 4572

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
606 B 351ms
23ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU15JWV5
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ab9b6f9bb57199e4cab44d2c9ff5775b8e726252bdb8e74cdf2ea39e338d3bc6

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:25 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Tue, 20 Dec 2022 04:01:25 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
450 B 366ms
34ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38aef623e939c576da3804ae119f4f93825ae81dbb1bc57bc54a6b027eabba2

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:25 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 77c57a08bd229a1b-FRA
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 KB
12 KB 486ms
155ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6140ffb16b9b8b596e53f5c2f20d627f44669d2bc0c623bd24b539671941d67b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 20 Dec 2022 04:01:26 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.84; 146.70.117.84; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6dcd60e5-ec7a-4d2e-95b6-254f4374826e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 9 KB
5 KB 525ms
155ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2620778&size_id=10&rp_schain=1.0,1!flower-ads.com,fw0108,1,,,&eid_pubcid.org=a4fd9409-7385-4760-9697-e2ed3902cad6%5E1&rf=https%3A%2F%2Fpelotainvernal.com%2F&kw=pelotainvernal%2Cposicionespelotainvernal%2Ccalendariopelotainvernal&tg_i.page=https%3A%2F%2Fpelotainvernal.com%2F&tg_i.domain=pelotainvernal.com&tg_i.pbadslot=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&tk_flint=pbjs_lite_v7.25.0&x_source.tid=be708498-7c54-4fac-9b06-733a11d92fde&l_pb_bid_id=1839c59b27b33ac&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&slots=1&rand=0.8331122190001463
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1ea739c0b4ea9aa05b08122125469de6a4b6a43080a1e5c1b15ed2cd9a61cde9

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 373 B
934 B 482ms
112ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24930&site_id=447118&zone_id=2620778&size_id=2&rp_schain=1.0,1!flower-ads.com,fw0108,1,,,&eid_pubcid.org=a4fd9409-7385-4760-9697-e2ed3902cad6%5E1&rf=https%3A%2F%2Fpelotainvernal.com%2F&kw=pelotainvernal%2Cposicionespelotainvernal%2Ccalendariopelotainvernal&tg_i.page=https%3A%2F%2Fpelotainvernal.com%2F&tg_i.domain=pelotainvernal.com&tg_i.pbadslot=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&tk_flint=pbjs_lite_v7.25.0&x_source.tid=7e7dff88-7fed-41ed-9ae0-6842fc6fff69&l_pb_bid_id=19b48d9a639cc5a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&slots=1&rand=0.8600738923415852
Requested by: Host: flower-ads.com
URL: https://flower-ads.com/tag/pelotainvernal/prebid7.25.0.pelotainvernal.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 47fd150ffd86b74ef6866294193c62a3c159b0d14cd237e32a9d0f64b4a551bf

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:26 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 373
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9BFC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

340ms
333ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:26 GMT
expires: Tue, 20 Dec 2022 04:01:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 846A 36 KB
16 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 10:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 10:55:03 GMT

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame E290 118 KB
35 KB 363ms
31ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:25 GMT
content-encoding: gzip
x-sp-metadata: HS256.CKWDhZ0GEogBCiQ2NjkyMDZmOS0wM2RjLTRhMmUtYjdkMy02ODNkNDk2MzEzZGMQkKbXzNb5+wIaBgiV54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGE4MjA0MmVjLWIwODMtNDFiYy04N2M3LTllNTNmNTU2Zjg2ZRi1lwIiGAgCEhRjZHMwMzAubG80Lmh3Y2RuLm5ldA==.EUn53k+J4j1LWE5AmseX1RTC7ApRox6HBuuncx6dJIQ=
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1671508885.cds074.lo4.hn,1671508885.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame C49E 118 KB
35 KB 389ms
68ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:25 GMT
content-encoding: gzip
x-sp-metadata: HS256.CKWDhZ0GEogBCiQ5OWUyYzA4Mi1hZjRiLTQyNzYtYWZhNy04MTQ3NzhkNGQ2YzIQkKbXzNb5+wIaBgiV54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGM4MjE3ZTc4LTQ5MTktNGNiMS1iOTYwLWQ5M2IzOTM0MjQ4OBi1lwIiGAgCEhRjZHMwMzAubG80Lmh3Y2RuLm5ldA==.D8ST+zmeNMrS8V1O+iCUgQ8OZNBFnSP/fGxoW3DA0Iw=
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1671508885.cds074.lo4.hn,1671508885.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
541 B 351ms
36ms Image
image/gif 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:25 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1671508885848020-549
Expires: Tue, 20 Dec 2022 04:01:25 GMT

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=792084949.5640641441120050.1603321
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=792084949.5640641441120050.1603321
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=59581c88-802c-4288-8832-6135eb3e7eb9&google_hm=NTk1ODFjODgtODAyYy00Mjg4LTg4MzItNjEzNWViM2U3ZWI5
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOZMmhLzd9ojr0I-ap6yWFM&google_cver=1&ssp=vidoomy&bsw_param=59581c88-802c-4288-8832-6135eb3e7eb9
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=59581c88-802c-4288-8832-6135eb3e7eb9

43 B
356 B

12ms
2ms

Image
image/gif

18.184.207.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=59581c88-802c-4288-8832-6135eb3e7eb9
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Server: 18.184.207.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-207-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=59581c88-802c-4288-8832-6135eb3e7eb9
date: Tue, 20 Dec 2022 04:01:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58610/occ
https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-R6Ib_aRE2uGlFSCyoZAiUDo1fR83NCKNRSr07PM-~A

43 B
357 B

181ms
6ms

Image
image/gif

18.184.207.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-R6Ib_aRE2uGlFSCyoZAiUDo1fR83NCKNRSr07PM-~A
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Server: 18.184.207.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-207-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-R6Ib_aRE2uGlFSCyoZAiUDo1fR83NCKNRSr07PM-~A
date: Tue, 20 Dec 2022 04:01:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6251 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSDY-kzOhY_HEOJSorAT7s6DwBfKtxLVtw9bQjuYQ-dHC7ZIOEAEgrZD0HmCV4pCCoAegAb_L5oUCyAECqAMByAPJBKoE4gFP0MHr7wJVRqQDikFmaMJUXAPn_jZEjVFcfrnOvuvc-JD9nL3mrummpZzIGg8gMQjOy1qT1rFX4DgCspCVTxJt5v8-tJhoDzONhMmIrqHyGBt8u7Ga83ZSllt0mbiU6Hi2kN98jljGy1R6qS1XeVW2-HGSHLOTWRaycsw9_cu5Rz_sgUss10JX3i50yA67IH_ijkAZ4HcqBRpzA9htBbR7zCY36dn0EDnNp7G0ypbbiM0mhFiHngOuV_3Rdmp6JwKShaIuqORLspDalp_Jxl2RsT_UVFzUZv9aLxHtC1CrOoKAwATSw6fDoASSBQQIBBgBkgUECAUYBKAGAoAHgbrUgwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDkdtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTMxMzkxMzQ4ODM3MDg3NjEYAA&sigh=bffE1Ejm4OY&uach_m=[UACH]&cid=CAQSGwDq26N9zlZRSOjl3EAH6QF6RzZbvcQywY3QSBgBIBM

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Dec 2022 04:01:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 6251 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 15133684538119886795
tpc.googlesyndication.com/daca_images/simgad/ Frame 6251 42 KB
42 KB 10ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15133684538119886795

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8815748166bc70f7148af827bb91ba0f10660cf6860b9dc22bb72cd3ebb628e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 09:38:00 GMT
x-content-type-options: nosniff
age: 239005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42914
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 07:19:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Dec 2023 09:38:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6251 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 20:02:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6251 18 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6251 153 KB
47 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:01:25 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6251 34 KB
13 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
server: cafe
etag: 2612990788289469886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:13:53 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
24 KB 37ms
20ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:25 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Q4WF70M64VNFC2KM
Age: 2394120
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: gZ2RWT1sLX/PMETWCZMzvAC1ggkoBzrXHzocIAwYONEjkZaW5jnpNx4nDm+WhnMmKSCVPCrtQdI=
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9emXDKLiLcdjg861gxAJuWAMdD%2FIEkq04iDwitU1yEAberX%2FsDApqI%2B7sCc1yUVyZWGYmM04rv4x1MaPIf2OH5Log5nguIywa5z3Jbtm4PALQM8ifXheqeAGMA757McD8rF7Waut09hvR%2FwE"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY: 77c57a07393fbbef-FRA

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 369ms
26ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 20 Dec 2022 04:01:25 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 417224
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 pv Show response
s.seedtag.com/c/ 987 B
1 KB 128ms
36ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/pv?token=2717-2424-01&device=desktop&fullUrl=https%3A%2F%2Fpelotainvernal.com%2F&cache=1671508885867&v=-&ft=true
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.3a6c01d6b1aa61ea9094.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 04:01:25 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
etag: W/"3db-d56IUQUr0/Vgjj1mzqd29BR6edI"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pelotainvernal.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 97E1 143 B
166 B 50ms
43ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 03:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6251 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6b90536b31ee183cfdc77524348e9d7a271b6b71a0f084012d79f78f8a5228a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 bids.gif Show response
c.4dex.io/ 0
254 B 112ms
17ms XHR
text/plain 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/bids.gif?adu_code=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&evt=init&ts=1671508885954&pv_id=df94196d-6e5b-4a43-9e53-169dcd79d40e&amts=ban&asizes=728x90&url=undefined&auct_id=1f7a62ad-0e44-4441-b566-e7afb0009912&auct_start=1671508885517&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1671508882590&partid=205404&bidders=ix%2Csovrn%2Conetag%2Cmedianet%2Cadagio%2Cappnexus%2Crubicon&cpm=%2C%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1267&pgtyp=&plcmt=%2F22304838115%2Fpelotainvernal%2Fdesktop_inread_1&site=pelotainvernal-com&subcat=&os=&brwsr=&u_ts=1671508885&adgjsv=1.16.2
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 204 bids.gif Show response
c.4dex.io/ 0
44 B 112ms
17ms XHR
text/plain 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/bids.gif?adu_code=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&evt=init&ts=1671508885954&pv_id=df94196d-6e5b-4a43-9e53-169dcd79d40e&amts=ban&asizes=300x600&url=undefined&auct_id=1f7a62ad-0e44-4441-b566-e7afb0009912&auct_start=1671508885517&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1671508882590&partid=205404&bidders=sovrn%2Conetag%2Cmedianet%2Cadagio%2Crubicon&cpm=%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C&cur=%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C&ttr=%2C%2C%2C%2C&bttr=%2C%2C%2C%2C&sts=%2C%2C%2C%2C&w=%2C%2C%2C%2C&h=%2C%2C%2C%2C&deal=%2C%2C%2C%2C&timeout=%2C%2C%2C%2C&won=%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C&mt=%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1267&pgtyp=&plcmt=%2F22304838115%2Fpelotainvernal%2Fdesktop_sidebar_01&site=pelotainvernal-com&subcat=&os=&brwsr=&u_ts=1671508885&adgjsv=1.16.2
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 85C4 25 KB
10 KB 113ms
9ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.3a6c01d6b1aa61ea9094.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 27 Dec 2022 04:01:26 GMT

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 19 KB
5 KB 93ms
39ms XHR
application/json 13.225.78.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7293&url=%2F&charset=UTF-8&ch=4&ref=pelotainvernal.com&viewerId=null&referer=&_firid=25784136
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-76.fra2.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: ced0cfc4c3efb712101402f63a86332a8ea43f31f6045905c18889253855bb11

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: gzip
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: PHP/8.0.14
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: nginx/1.20.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: UOdqjGE1zkPu4x1NFc-UEuFcXgJgMHoQZRFaLOf2p_lHcmarqLcokw==
expires: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
24ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pelotainvernal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 6547 4 KB
2 KB 29ms
23ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 20 Dec 2022 04:01:26 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671508886.cds074.lo4.hn,1671508886.cds074.lo4.c
x-sp-metadata: HS256.CKaDhZ0GEogBCiQ3MTM3NjQ4Mi1kMzkwLTRmYTUtOTI4My05ZTUyZTBkMzZmM2QQkKbXzNb5+wIaBgiW54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDVmYWI4ZDg0LWI4NTctNDFlMy05MmJkLWQ0ZmZmYzM2NmNhNRjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.cHEiTjDwDLarn0eykW8qVI0se8YabtsKSp4nTg0GWyE=

GET
H2 200 ad Show response
v.lkqd.net/ Frame E290 2 KB
2 KB 350ms
102ms XHR
application/xml 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=45761894&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c7bec7acf81e49f597be6e31f11fdc45bbadd366c8bb0f6758f44b1173e3854

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1353

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 275ms
273ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418215545120311&correlator=3269834096118951&eid=31070872%2C31071221%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22304838115%2Cpelotainvernal%2Cdesktop_sidebar_01%2Cdesktop_inread_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x600%2C728x90&ifi=6&adks=2344183488%2C1811199381&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D26ac16fa90c2f32%26hb_bidder_rubicon%3DITBHB%26hb_format_onetag%3Dbanner%26hb_size_onetag%3D300x600%26hb_pb_onetag%3D5.39%26hb_adid_onetag%3D225eb262d8a85bc%26hb_bidder_onetag%3DITBHB%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D5.39%26hb_adid%3D225eb262d8a85bc%26hb_bidder%3DITBHB%7Chb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.05%26hb_adid_appnexus%3D246f8f245410417%26hb_bidder_appnexus%3DITBHB%26hb_format_onetag%3Dbanner%26hb_size_onetag%3D728x90%26hb_pb_onetag%3D3.59%26hb_adid_onetag%3D230786c20b069fb%26hb_bidder_onetag%3DITBHB%26hb_format_ix%3Dbanner%26hb_size_ix%3D728x90%26hb_pb_ix%3D0.04%26hb_adid_ix%3D215cb7ee1f8435e%26hb_bidder_ix%3DITBHB%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D3.59%26hb_adid%3D230786c20b069fb%26hb_bidder%3DITBHB&eri=1&sc=1&cookie=ID%3D7e3231aa31424b1b%3AT%3D1671508883%3AS%3DALNI_MY6CEIYgcdcqal2vLZyabDH-aQGjQ&gpic=UID%3D00000b9563e07d7c%3AT%3D1671508883%3ART%3D1671508883%3AS%3DALNI_MYvxyjvW9PtgHICj7KvgTuO1zR8AQ&abxe=1&dt=1671508886340&lmt=1671508886&dlt=1671508883007&idt=759&adxs=1149%2C275&adys=508%2C486&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpelotainvernal.com%2F&frm=20&vis=1&psz=300x600%7C975x90&msz=300x600%7C975x90&fws=0%2C0&ohw=0%2C0&ga_vid=1681588742.1671508884&ga_sid=1671508884&ga_hid=925227985&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6427a000d32e63e1a3f495244e4a1e54a0aee4da070302c7a2077dab92338c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10924
x-xss-protection: 0
google-lineitem-id: 6007098375,6008466853
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138391572778,138391000082
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 317 B
168 B 43ms
42ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f0e4e7388ba32cd0f4b6e29bccd3fedebe7aba679d9a1083c06270dbce31201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 2FED 4 KB
2 KB 31ms
24ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 20 Dec 2022 04:01:26 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671508886.cds074.lo4.hn,1671508886.cds074.lo4.c
x-sp-metadata: HS256.CKaDhZ0GEogBCiRlZjZiMGRhMS1lYzExLTQzZjItYWI1Ni0yMmY5YzM3ZTU1YjUQkKbXzNb5+wIaBgiW54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDg5MTQ1YWJhLWVmNDYtNDcyOS1iZDFjLTZiZDNhZjFjOTE2MxjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.TQHM4UYnlk+tWUfOHirij7xoJ7ZkNVGiNBD0KltAal8=

GET
H2 200 ad Show response
v.lkqd.net/ Frame C49E 180 B
357 B 195ms
93ms XHR
application/xml 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171094&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=90386026&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 97E1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
25ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:26 GMT
expires: Tue, 20 Dec 2022 04:01:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 880A 36 KB
16 KB 23ms
11ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 10:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 10:55:03 GMT

GET
H2 200 rules-p-PFW5FesqXn206.js Show response
rules.quantcount.com/ Frame 85C4 1 KB
1 KB 55ms
9ms Script
application/javascript 2600:9000:20eb:a800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 03:49:54 GMT
content-encoding: gzip
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 693
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 15:36:52 GMT
server: AmazonS3
etag: W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: RUZEZkK7VLrUs23IT08PefjVUI7_3vpiWGBlTbed-EqSj0RRJHOMEw==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3770 42 B
64 B 59ms
45ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQEEJTHFEJ9wR-phs6tn6wqUI7Gt8u8aqeIt--a5k1B1BqwDIAOvnKBdQLhuppcwmx7TSY1w16bp3NiLxoeSuMSS3015H_Ai9bnanheMXWUfp216TR04WZcmFAVlubCoWegZWWUg&sai=AMfl-YTPYwixbs07nQiY0mJXscWGiXzAQh6mdhXBlNDh254yWM_iCnE2kqBUckdYpiQe0O3nlPmyjI8eIvWR87Y&sig=Cg0ArKJSzD8kF0piEjSuEAE&cid=CAQSGwDq26N9brtDd60hcHWJEjAT7tPwDxXdojrIUxgBIBM&id=lidar2&mcvt=1059&p=0,0,100,1298&mtos=1059,1059,1059,1059,1059&tos=1059,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=88850195&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671508883629&rpt=1817&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 6547
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=46aada8b-ed06-4212-8d10-832e62d8f1c8

43 B
308 B

166ms
94ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=46aada8b-ed06-4212-8d10-832e62d8f1c8
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=46aada8b-ed06-4212-8d10-832e62d8f1c8
date: Tue, 20 Dec 2022 04:01:26 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 6547 43 B
309 B 331ms
91ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 6547 43 B
308 B 339ms
99ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 6547
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3997045560893824295

43 B
308 B

92ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3997045560893824295
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3997045560893824295
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 6547
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=J2-Uu8g4Q-hPdRv-T_sIR5JGdVQ

43 B
308 B

130ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=J2-Uu8g4Q-hPdRv-T_sIR5JGdVQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=J2-Uu8g4Q-hPdRv-T_sIR5JGdVQ
Date: Tue, 20 Dec 2022 04:01:26 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame 2FED
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=cd2e1732-397f-4e96-9281-a65d47c77ab1

43 B
308 B

174ms
101ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=cd2e1732-397f-4e96-9281-a65d47c77ab1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=cd2e1732-397f-4e96-9281-a65d47c77ab1
date: Tue, 20 Dec 2022 04:01:26 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 2FED 43 B
308 B 313ms
95ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 2FED 43 B
308 B 311ms
92ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 2FED
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

43 B
308 B

93ms
92ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 2FED
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

43 B
308 B

131ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Date: Tue, 20 Dec 2022 04:01:26 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 48ms
20ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: EQE76HEZ6JXKNVQT
age: 2558
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 77c57a0e3e1d926e-FRA
x-amz-id-2: j2Lo9VKgAHpQwSAT5fIm1uW/nR6idej/ZE8Ukdqw1cDFcrTXGGuz81VPr7G/Pn5YZKpafV0Orm4=

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 14ms
14ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25564
x-jsd-version: master
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFE%2FqFUZEZHZPjSew1%2FhmxIt3INPrABOZh2%2F2MOyCP2qo6qegPCmuc6%2BZQVgU9x91aKiTIEu84nlIa35E4vMfRbc3cQbmXjX0Xqv9Q6TEPAjKYlHZk4cw2Dx0p1ht4oJzcfVJTSbxRKyBo%2BBqms%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 77c57a0e0de0bb3d-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 179ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Dec 2022 04:01:26 GMT

POST t
t.lkqd.net/ Frame CB9E 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 355ms
103ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 2EA1 0
167 B 311ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:27 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 310ms
104ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 0976 230 KB
61 KB 74ms
28ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:26 GMT
content-encoding: gzip
x-sp-metadata: HS256.CKaDhZ0GEogBCiQ3MGUwNWFkYi1iYTljLTQxYWEtYjBlNi1mY2E0MGQ5OTM0MmYQkKbXzNb5+wIaBgiW54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGFhMWQ3YmZjLWI3YWYtNDlkNC1iZTU2LTg3ZjNkYzIxMTBlMRjF5AMiGAgCEhRjZHMzMjIubG80Lmh3Y2RuLm5ldA==.U21Fa3Mb0UKVtTKQucmwnB9+DdWKOJwl7JKHgGAYqMA=
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1671508886.cds074.lo4.hn,1671508886.cds322.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H3 200 container.html Show response
f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F56D 6 KB
3 KB 51ms
10ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:23 GMT
expires: Wed, 20 Dec 2023 04:01:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD38 6 KB
3 KB 28ms
10ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:23 GMT
expires: Wed, 20 Dec 2023 04:01:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=1451717242;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-506169051-1671508886524;pbc=a4fd9409-7385...
pixel.quantserve.com/ Frame 85C4 35 B
371 B 38ms
15ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1451717242;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpelotainvernal.com%2F;ref=https%3A%2F%2Fpelotainvernal.com%2F;uht=2;fpan=1;fpa=P0-506169051-1671508886524;pbc=a4fd9409-7385-4760-9697-e2ed3902cad6;ns=1;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;d=pelotainvernal.com;dst=0;et=1671508886932;tzo=0;ogl=;ses=efacd7ad-e9fe-4b1a-be86-4ddeb521110e

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 53ms
10ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DD38 24 KB
6 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 15:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 17 Dec 2023 15:15:14 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame DD38 27 KB
10 KB 37ms
20ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22941
x-jsd-version: 1.14.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA, cache-yyz4527-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUXA%2BCHAkucyJZoaT%2BHocJ6F3QBT0GfOFC%2BKLvia%2B%2BHdfCIP6nDxckZeR7YP9nrqt6eb3S0lPvj%2FWpr08ikbBrlVjP%2BjtIvg1RfKm%2Fszr48JTyvdM5FWu722IXtDe9CrFS0tPoLBGqbuSLYFOXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 77c57a101836bb3d-FRA

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD38 153 KB
47 KB 42ms
25ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:01:27 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6251 42 B
64 B 75ms
53ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgO-_IrYgctbNf99KE1TNrfJTy1eOARjNcimI7SWYs9uHvOtWB8Ixdq9rIzzHgCxGoAgX1UecoKMM8bZPx2kVvpnZmsGbQ1tgdSkE40N-x_4eRq4CNyiMtu2yUVnGz026UTE4u_w&sai=AMfl-YTkvDNthd0XHxld7zm_h87SW6xNqyad3yRpo2MbiCVJKwqWaWdwegE9HxVKt1FYoGKLqDlafVgQdscYLrU&sig=Cg0ArKJSzKCN9JGP9-ChEAE&cid=CAQSGwDq26N9zlZRSOjl3EAH6QF6RzZbvcQywY3QSBgBIBM&id=lidar2&mcvt=1029&p=0,0,124,1005&mtos=170,761,1029,1029,1029&tos=170,591,268,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671508885474&rpt=514&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F56D 24 KB
6 KB 61ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 15:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 17 Dec 2023 15:15:14 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame F56D 27 KB
10 KB 63ms
40ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22941
x-jsd-version: 1.14.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA, cache-yyz4527-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQAvJg4PwXw%2Fr6KDVjoOOAPWwe7OTZ9JWhS5xSve36xd59tewQi7pI6GgdQX0YnD1lwMLJB0alYNrqjtGFP%2BtLSrUCT4DR1xVjJAGrhfGEh5FC%2FHHMQ03BQDBoqHo%2BgulJr9vp98%2B6h9RAwaRhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 77c57a10285abb3d-FRA

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F56D 153 KB
47 KB 67ms
44ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:01:27 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EE42 15 KB
6 KB 52ms
26ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pelotainvernal.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 351981
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame E536 4 KB
2 KB 48ms
35ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 20 Dec 2022 04:01:27 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671508887.cds074.lo4.hn,1671508887.cds074.lo4.c
x-sp-metadata: HS256.CKeDhZ0GEogBCiQwYjA5ZTkzOS0xMjg2LTQyNmEtYjUzZS1iYzgxYTI1N2FhNWQQkKbXzNb5+wIaBgiX54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDBhMWJiNDllLWRjZjUtNGU1My04MjA2LTVmMDk5MTQ3NzEzZhjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.XCX2dZSH6FEXcOoJCZErTFhUTNmoiCgwp1woNxIsHUM=

POST
H2 200 ad Show response
v.lkqd.net/ Frame 0976 18 KB
3 KB 294ms
294ms XHR
application/json 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=45761894&m=&rtv=1&thost=pelotainvernal.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: f4c5149e19fa408da4762aa82ec423da78d03b2fbff0f8aaae390f32ef3649f2

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2799

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 410ms
204ms Preflight 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=45761894&m=&rtv=1&thost=pelotainvernal.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F56D 0
0 49ms
49ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssstct1iDTB1AD_QGTUQ8jW6HFzSEO-SEM3vME9VeSKJJOxfFg_Zbrh7NrO5Y53xP82UwJOgjiAtQ-wCVRz_BNpG4sLPnc42yzKkKeHzM0fZKXt6ikbFbbfOhvpApr3Hrw4pKoyj6v3jjDzHy53TmiIdFlCJHAlmipcW3i5un-1lK4PRaruhwNLMLx5clz6_H2hstETqxxhA6yBP9jX1e6dv6GepfsiEufpIRqPg0YjceJnEOZdtEWloDFxBPO4cTQRPI9s8Y40eJ7P8TRlX0dcxcGcspFY53ZL-ZwLrOxIksqm2JrgtWOvEjP9viT0spWfmj02cPn4N9GeJ_CDLtQHG5DOKh2qIJDeErIJUZQ&sai=AMfl-YR5s6qs5DfCZeEEmHoctX6LyU8ucXdTuhuBx0iyZICl1yvtW1iGoKnsqct5EP7CzlOz_acAgLXvonGzMft-c7Pf-iA5g8NGFxj0K0jxZJpiMwMOdAhl8LW0-8mrtM2n&sig=Cg0ArKJSzCE9h_K2C9moEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD38 0
0 75ms
48ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj40WzfOsqoDtu4ShGCn8GLVLcVtHsDdlz3DJwIrdpfXa_C1xMCQvUuKDMCY9KzXnPyOYmddV2MEbBy98bJ-0RdnRBw6PALZDB2_5eh7tfpQcBucKAY0tB3Ny5gqi7knhym7Rt_8O6H5whkI7gUuXcUvFSusP5vAyY-Atr4pAW1xbvtADr9CatyQdbsVr5rHKGMZ89ClnC5mG514WBKr0f8BUP8CBtKn7TFQtUMcGgnaoleMeXsWY7dgU9ljmKQzWkevFAEZCfPyGUq3Ar4I6zvU9FBFU4jpYjNvTKMrccOLOJxXv4iLidBeIxWfbKnzn_994HDzetNhMcxwqTkpoZE_BvUcDWoLbrwFhN&sai=AMfl-YRzxARjCqw2f8RS6Q-CYqgXubT8RqfOcdqBDtSLkWnWYmm4OyCEmZjpMLDJalO_Yw0xk_xntp6ti3cZ0-DYaF8e-fjXUBq8I1inq1NbI2J5TRJVH0c_FkoJPOKdMirE&sig=Cg0ArKJSzPnGHEe3tQ-WEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 t Show response
t.lkqd.net/ Frame 6BF9 0
166 B 99ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:27 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 121ms
92ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx

GET
H2

200

sid Show response
mug.criteo.com/ Frame EE42
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=pelotainvernal.com&sn=ChromeSyncframe&so=3&topUrl=pelotainvernal.com&bundle=IY78gl9CbzM3UmRVVSUyQjlyVld6ZDdmcGhwVjhtREo4SFc0TiUyQnBEcm5...
https://mug.criteo.com/sid?cpp=cyO0kHxhTTBnYlhoNkxqeERoNVBVVmRLQWw3bXNROEluM0ltcGRkblgxaWlNRXd1anhVZTBHcG5ObGJ2QUZOYnFOZGpHazloWDlLWTZaeTlMZmJrY1B6clZGbGEreXRsak9pa1MzT0VpanhSNHY0ZGJ5ZXVHSTZPSE85c3...

449 B
668 B

16ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cyO0kHxhTTBnYlhoNkxqeERoNVBVVmRLQWw3bXNROEluM0ltcGRkblgxaWlNRXd1anhVZTBHcG5ObGJ2QUZOYnFOZGpHazloWDlLWTZaeTlMZmJrY1B6clZGbGEreXRsak9pa1MzT0VpanhSNHY0ZGJ5ZXVHSTZPSE85c3JaNkEwZUFnVkRJeGF4OEhvYTl5cDdnN3pZR0hJeDB2Ti9IbnVMSEFRelhoUkkvc2xxNVNzOUFSS2k4RkJZZTFtZ3FyaXR3QjMrYlBkY1hhdnBQYTNXSHBLcUVuQnJ1djdoOGJlMTdEYnczYVBTS1V0bmVLcDAvNmV2eFNEVHVzcEJ2bVRlOHpUUTgyTENneHB2S1VuaTFRcTdDcU9Td3IraHQzbDlPZ0c0S0N2K2VUQ0x5TT18&cppv=2

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3daff18c183cfe75c2d9d476adde86e4de521d60dfb4192a00640e0b2f1c6568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2478608
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=cyO0kHxhTTBnYlhoNkxqeERoNVBVVmRLQWw3bXNROEluM0ltcGRkblgxaWlNRXd1anhVZTBHcG5ObGJ2QUZOYnFOZGpHazloWDlLWTZaeTlMZmJrY1B6clZGbGEreXRsak9pa1MzT0VpanhSNHY0ZGJ5ZXVHSTZPSE85c3JaNkEwZUFnVkRJeGF4OEhvYTl5cDdnN3pZR0hJeDB2Ti9IbnVMSEFRelhoUkkvc2xxNVNzOUFSS2k4RkJZZTFtZ3FyaXR3QjMrYlBkY1hhdnBQYTNXSHBLcUVuQnJ1djdoOGJlMTdEYnczYVBTS1V0bmVLcDAvNmV2eFNEVHVzcEJ2bVRlOHpUUTgyTENneHB2S1VuaTFRcTdDcU9Td3IraHQzbDlPZ0c0S0N2K2VUQ0x5TT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 608023
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame DD38 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a022c6c938afeb0e5dd36986c3cf48f45826427691cb4e1e87f6c44e07a4196

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD38 0
0 78ms
49ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbQa2yXTIHYz1muBkd5y9zKGg4XStA30xvlzYN7NMbqeDhMpLqM_vsLZRWcF8cDEGIhIYfV4MD8OEDtn2L9EDiWNde8AUv8AuAN1betd_X6ndW0wDzpoauT6dqLT0NxU8TIlcFZSEoe6fkz0kfTMVNQafBDrwfT1vUOTo2O8_j1AoHeLrRi7IwkmXON3hvrft18Lv59HOR27beGDHb5AkoPmzkDKiXNQwBvig3NVvBrD10HOdbsbHzH5vIniu64el8QZzkzNJHjGzjkAeq4QN0UkFzfy0GTpUh93nhFWJ8iaPSWag-OaXqYp14ZfVeWci7VVmr8K_xGQP02EICjXr1ciUFlpPouTQKn4n8jKw&sai=AMfl-YToCmKiAfgo6ezIy31geaEMD4uvypCDozl3WP9EqZPewE94SD-sHgtzYmLLe4LIpUJu7Slc4NSLgTFQE26G8Qn1rkeIOEHyW3PKbxiL9HRGoFnsiztd12UGDpNPBsWr&sig=Cg0ArKJSzG6n1nKdAz14EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Dec 2022 04:01:27 GMT

GET
DATA 200
OK truncated
/ Frame F56D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1d89752c3718abde5ab137c8702a7bffb5564f2f0e1297fa90237a2810f4535

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F56D 0
0 79ms
56ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAM0AX0w1nTkw3_e10okThUvMqC5cGyMUrktpL97ap0ngSDjrrJq6lFS4mwlKo6pnH-zfvSK1ZukgskZWZXX5nJH_NAo4dkYUGxTQgmTuMEWRww3gFi-ePdg6WMHOHbaez6EXMCRsYdOMQa5bDe4H8cBNXqntqTPFzp8pLlmI3OYJmRQ5pxAD62-rOqse-1j2Ro-F8D_PGZ17aWr39NV1WGuS5TueyHgqCvmSy6YQ1BfZo0eGXTEZEnm7d7Sl-rgyT9GE4anKd2S8FA9WZXi7L0trPgnHU5aeLt8RWfaeCP6tRKNL3RuWPmNp1QISDSfZESYbUOXgKuZeM0ZNUAuQv6lPgd5l5PQLdubONRGotIA&sai=AMfl-YT1W7EAjpICOYKEhxUx-BHnkC0H8_kWuT_usE0BKQcscBLhkitZ3EO3ThW7bHB4M8VBYr0C5PezBRVXAB_SBOb_pnVmcMmfDDeVS9kI00Dd8LDvlWwiIYn9FsTTRkGu&sig=Cg0ArKJSzKzGIJKMgysLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Dec 2022 04:01:27 GMT

GET
H2 200 BannerAdBannerPlacement.js Show response
onetag-sys.com/static/ Frame B26E 28 KB
9 KB 13ms
8ms Script
application/javascript 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.22

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

be37b239164bd86d3c3ace508689f54cf7b28cb38b4b29e7335dc4769ca357b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Mon, 01 Jan 2046 12:34:56 GMT
strict-transport-security: max-age=15552000
cache-control: public, max-age=2628000, immutable
content-encoding: gzip
content-length: 9364
vary: accept-encoding
content-type: application/javascript

GET
H2 204 sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;skdP...
onetag-sys.com/ping/ Frame B26E 0
28 B 13ms
8ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;skdP0Zyi-BGCas7JvuQE5axX7OEcAztLpPENVyePQytokQ2T2BX-WIOBsOP_waIQ:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0nrF29RXqF4ruoUUVrIoZvlfMYiM6qZR53d6x9M_Zi1zRVYp7oed7RQbfoBtrFqlHvHzN4q1ELf3LkROLfuqL_pw7FwpuOHYxcIT5jpODkTtYPziBaWIWImbHOAPx9bL55QH0yWHyv0wqYRIOxgFq7-Ssh9nGCpZFwISSS-q0Lb4NJSzIrOorgYdez1sntd1k78uB7kTS7tUbBLsWRm579X8TfdOB3SBS4S_L0Mi1Gpl-Sy0wJix2OYfkB2WwRorl4hjjdDbsRB-Mi0Xhu6r4BHNdI_4L0tlYzx44adzsYkmR-usBE96L0_ZxcePwzE6PuiXPFRkVW-VK1ruz-y9vKS6hc-xylEFnKtrL7WmYfqucOxcKbjh2MXCE-Y6Tg5E7HDpo63W07aV9rIzuWOqe9A:115:0:0:0:0:0:0:0:8ddeace3-3db9-497e-aabc-d19b23b4963f

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

GET
H2 200 BannerAdBannerPlacement.js Show response
onetag-sys.com/static/ Frame 2536 28 KB
9 KB 11ms
10ms Script
application/javascript 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.22

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

be37b239164bd86d3c3ace508689f54cf7b28cb38b4b29e7335dc4769ca357b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Mon, 01 Jan 2046 12:34:56 GMT
strict-transport-security: max-age=15552000
cache-control: public, max-age=2628000, immutable
content-encoding: gzip
content-length: 9364
vary: accept-encoding
content-type: application/javascript

GET
H2 204 sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8D...
onetag-sys.com/ping/ Frame 2536 0
28 B 10ms
10ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8DChJupqpzyiEL2UpFrKxX7OEcAztLpPENVyePQyuDM2u9FUAajmay779GFxUL:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0Ln678ZE-y5tOl0-LCJrXJMJX6C9CKgVqx8OQHaxAxJjHTyeowHKoB-t6XE0lgjmaxD0VEeaBq4zYN-K1rstPUECvIIEQnApFMljrri0VEMHfKodx5HcY1YUOE6szftyvQOksS8l2AkL92Sq1tSJhkCEspy7EQkKtGteddC8bKMV2GAmPZrveHwz4e-3nC1nUFulX7zgWwFbDqRazHHfcen7NznPk2U1qd6KaikFaCts69IUm95P6sPKOhsFjYmdCDzInElrGh-LNWO-mIbw2TfvkbeqHvYcUxLTSPQKFu91lqu1zilBRgJSqCJD1ARxjQrO0V9XfgFNcjc1F2Gjnc_-vpGrbB6MBGUlYej5ECfBtrJ3tv65AYe8VHYoQXO7tX0GS_wjN_2SRaJbwUWekGQ:115:0:0:0:0:0:0:0:c3fe2181-e4ac-4943-9ecb-da169b200965

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

GET
H2

200

cs
cs.lkqd.net/ Frame E536
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

43 B
308 B

96ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame E536
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

43 B
308 B

92ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Date: Tue, 20 Dec 2022 04:01:27 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame E536
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=96ea7f0f-93a2-48ac-a946-1e346765bf60

43 B
308 B

95ms
92ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=96ea7f0f-93a2-48ac-a946-1e346765bf60
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=96ea7f0f-93a2-48ac-a946-1e346765bf60
date: Tue, 20 Dec 2022 04:01:27 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame E536 43 B
308 B 99ms
78ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame E536 43 B
308 B 106ms
85ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 creative-sandbox.html Show response
onetag-sys.com/static/ Frame 8D17 671 B
547 B 10ms
7ms Document
text/html 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/static/creative-sandbox.html

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

09e7ababe64e1aae2cb723c830dc029304928d7981db9029848f30db0c8e4895

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=2628000, immutable
content-encoding: gzip
content-length: 404
content-type: text/html
expires: Mon, 01 Jan 2046 12:34:56 GMT
strict-transport-security: max-age=15552000
vary: accept-encoding

POST
H2 200 / Show response
onetag-sys.com/analytics/ Frame B26E 0
231 B 20ms
11ms XHR
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/analytics/

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
strict-transport-security: max-age=15552000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, Referer, User-Agent, x-ak-clientip
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;skdP0Zyi-BGCas7JvuQE5axX7OEcAztLpPENVyePQytokQ2T2BX-WIOBsOP_waIQ:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0nrF29RXqF4ruoUUVrIoZvlfMYiM6qZR53d6x9M_Zi1zRVYp7oed7RQbfoBtrFqlHvHzN4q1ELf3LkROLfuqL_pw7FwpuOHYxcIT5jpODkTtYPziBaWIWImbHOAPx9bL55QH0yWHyv0wqYRIOxgFq7-Ssh9nGCpZFwISSS-q0Lb4NJSzIrOorgYdez1sntd1k78uB7kTS7tUbBLsWRm579X8TfdOB3SBS4S_L0Mi1Gpl-Sy0wJix2OYfkB2WwRorl4hjjdDbsRB-Mi0Xhu6r4BHNdI_4L0tlYzx44adzsYkmR-usBE96L0_ZxcePwzE6PuiXPFRkVW-VK1ruz-y9vKS6hc-xylEFnKtrL7WmYfqucOxcKbjh2MXCE-Y6Tg5E7HDpo63W07aV9rIzuWOqe9A:553:0:0:0:0:0:0:0:8ddeace3-3db9-497e-aabc-d19b23b4963f

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;skdP0Zyi-BGCas7JvuQE5axX7OEcAztLpPENVyePQytokQ2T2BX-WIOBsOP_waIQ:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0nrF29RXqF4ruoUUVrIoZvlfMYiM6qZR53d6x9M_Zi1zRVYp7oed7RQbfoBtrFqlHvHzN4q1ELf3LkROLfuqL_pw7FwpuOHYxcIT5jpODkTtYPziBaWIWImbHOAPx9bL55QH0yWHyv0wqYRIOxgFq7-Ssh9nGCpZFwISSS-q0Lb4NJSzIrOorgYdez1sntd1k78uB7kTS7tUbBLsWRm579X8TfdOB3SBS4S_L0Mi1Gpl-Sy0wJix2OYfkB2WwRorl4hjjdDbsRB-Mi0Xhu6r4BHNdI_4L0tlYzx44adzsYkmR-usBE96L0_ZxcePwzE6PuiXPFRkVW-VK1ruz-y9vKS6hc-xylEFnKtrL7WmYfqucOxcKbjh2MXCE-Y6Tg5E7HDpo63W07aV9rIzuWOqe9A:581:0:0:0:0:0:0:0:8ddeace3-3db9-497e-aabc-d19b23b4963f

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
15 B 31ms
16ms XHR
text/plain 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_2.3a6c01d6b1aa61ea9094.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pelotainvernal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 04:01:27 GMT
via: 1.1 google
server: nginx
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://pelotainvernal.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 creative-sandbox.html Show response
onetag-sys.com/static/ Frame D3B8 671 B
547 B 15ms
6ms Document
text/html 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/static/creative-sandbox.html

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

09e7ababe64e1aae2cb723c830dc029304928d7981db9029848f30db0c8e4895

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=2628000, immutable
content-encoding: gzip
content-length: 404
content-type: text/html
expires: Mon, 01 Jan 2046 12:34:56 GMT
strict-transport-security: max-age=15552000
vary: accept-encoding

POST
H2 200 / Show response
onetag-sys.com/analytics/ Frame 2536 0
231 B 21ms
5ms XHR
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/analytics/

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
strict-transport-security: max-age=15552000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, Referer, User-Agent, x-ak-clientip
content-length: 0

GET
H2 204 sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8D...
onetag-sys.com/ping/ Frame 2536 0
28 B 23ms
5ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8DChJupqpzyiEL2UpFrKxX7OEcAztLpPENVyePQyuDM2u9FUAajmay779GFxUL:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0Ln678ZE-y5tOl0-LCJrXJMJX6C9CKgVqx8OQHaxAxJjHTyeowHKoB-t6XE0lgjmaxD0VEeaBq4zYN-K1rstPUECvIIEQnApFMljrri0VEMHfKodx5HcY1YUOE6szftyvQOksS8l2AkL92Sq1tSJhkCEspy7EQkKtGteddC8bKMV2GAmPZrveHwz4e-3nC1nUFulX7zgWwFbDqRazHHfcen7NznPk2U1qd6KaikFaCts69IUm95P6sPKOhsFjYmdCDzInElrGh-LNWO-mIbw2TfvkbeqHvYcUxLTSPQKFu91lqu1zilBRgJSqCJD1ARxjQrO0V9XfgFNcjc1F2Gjnc_-vpGrbB6MBGUlYej5ECfBtrJ3tv65AYe8VHYoQXO7tX0GS_wjN_2SRaJbwUWekGQ:553:0:0:0:0:0:0:0:c3fe2181-e4ac-4943-9ecb-da169b200965

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

GET
H2 204 sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8D...
onetag-sys.com/ping/ Frame 2536 0
28 B 20ms
5ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8DChJupqpzyiEL2UpFrKxX7OEcAztLpPENVyePQyuDM2u9FUAajmay779GFxUL:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0Ln678ZE-y5tOl0-LCJrXJMJX6C9CKgVqx8OQHaxAxJjHTyeowHKoB-t6XE0lgjmaxD0VEeaBq4zYN-K1rstPUECvIIEQnApFMljrri0VEMHfKodx5HcY1YUOE6szftyvQOksS8l2AkL92Sq1tSJhkCEspy7EQkKtGteddC8bKMV2GAmPZrveHwz4e-3nC1nUFulX7zgWwFbDqRazHHfcen7NznPk2U1qd6KaikFaCts69IUm95P6sPKOhsFjYmdCDzInElrGh-LNWO-mIbw2TfvkbeqHvYcUxLTSPQKFu91lqu1zilBRgJSqCJD1ARxjQrO0V9XfgFNcjc1F2Gjnc_-vpGrbB6MBGUlYej5ECfBtrJ3tv65AYe8VHYoQXO7tX0GS_wjN_2SRaJbwUWekGQ:581:0:0:0:0:0:0:0:c3fe2181-e4ac-4943-9ecb-da169b200965

Requested by

Host: f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
URL: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

$%7BCLICK_URL_ENC%7D Show response
eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHd... Frame A501
Redirect Chain

https://eu.sportradarserving.com/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1V...
https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0bo...

8 KB
5 KB

17ms
16ms

Document
text/html

18.158.209.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/static/creative-sandbox.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.209.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-209-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: eb2ddf215c90be42d31a0ee0cbe50d949ae180eb1aeb6e12ac93090fa239e39a

Request headers

Referer: https://onetag-sys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3163
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Dec 2022 04:01:28 GMT

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Tue, 20 Dec 2022 04:01:28 GMT
Location: https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 145ms
23ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fpelotainvernal.com%2F&cb=486497192&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C5597867780232290793906424519%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:27 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.004200
X-SpotX-Timing-Transform: 0.000329
Content-Encoding: gzip
X-SpotX-Timing-SpotMarket: 0.004200
X-SpotX-Timing-Page-Require: 0.000385
X-fe: 083
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.002168
X-SpotX-Timing-Page-Cookie: 0.000024
Content-Length: 79
X-SpotX-Timing-Page: 0.008307
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000316
Last-Modified: Tue, 20 Dec 2022 04:01:27 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
X-SpotX-Timing-Page-Exception: 0.000001
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000011
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000873
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 830 B
1 KB 29ms
22ms XHR
application/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C5597867780232290793445366740%2C%2C&_fw_gdpr=&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f7b7ee0af546a29f6086ef0111d8bbff04ca8f3ae839cdf428cd0cc40c009b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:27 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 830
x-sticky-vk: 1671508887720037-603
Expires: Tue, 20 Dec 2022 04:01:27 GMT

GET
H/1.1

200
OK

$%7BCLICK_URL_ENC%7D Show response
eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7... Frame 53ED
Redirect Chain

https://eu.sportradarserving.com/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9ca...
https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFF...

8 KB
5 KB

28ms
28ms

Document
text/html

18.158.209.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/static/creative-sandbox.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.209.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-209-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f3c77fc8af80c9091265ce11fb591cfdcfd300d248c3ee73366907881bbb1877

Request headers

Referer: https://onetag-sys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3164
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Dec 2022 04:01:28 GMT

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Tue, 20 Dec 2022 04:01:28 GMT
Location: https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D

POST
H2 200 t Show response
t.lkqd.net/ Frame 6BF9 0
166 B 100ms
99ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:28 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:28 GMT
server: nginx

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame EA49 342 KB
116 KB 158ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1671508888.dop123.fr8.t,1671508888.cds143.fr8.shn,1671508888.cds143.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 117960

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;skdP0Zyi-BGCas7JvuQE5axX7OEcAztLpPENVyePQytokQ2T2BX-WIOBsOP_waIQ:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0nrF29RXqF4ruoUUVrIoZvlfMYiM6qZR53d6x9M_Zi1zRVYp7oed7RQbfoBtrFqlHvHzN4q1ELf3LkROLfuqL_pw7FwpuOHYxcIT5jpODkTtYPziBaWIWImbHOAPx9bL55QH0yWHyv0wqYRIOxgFq7-Ssh9nGCpZFwISSS-q0Lb4NJSzIrOorgYdez1sntd1k78uB7kTS7tUbBLsWRm579X8TfdOB3SBS4S_L0Mi1Gpl-Sy0wJix2OYfkB2WwRorl4hjjdDbsRB-Mi0Xhu6r4BHNdI_4L0tlYzx44adzsYkmR-usBE96L0_ZxcePwzE6PuiXPFRkVW-VK1ruz-y9vKS6hc-xylEFnKtrL7WmYfqucOxcKbjh2MXCE-Y6Tg5E7HDpo63W07aV9rIzuWOqe9A:1:0:0:0:0:0:0:0:8ddeace3-3db9-497e-aabc-d19b23b4963f

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;skdP0Zyi-BGCas7JvuQE5axX7OEcAztLpPENVyePQytokQ2T2BX-WIOBsOP_waIQ:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0nrF29RXqF4ruoUUVrIoZvlfMYiM6qZR53d6x9M_Zi1zRVYp7oed7RQbfoBtrFqlHvHzN4q1ELf3LkROLfuqL_pw7FwpuOHYxcIT5jpODkTtYPziBaWIWImbHOAPx9bL55QH0yWHyv0wqYRIOxgFq7-Ssh9nGCpZFwISSS-q0Lb4NJSzIrOorgYdez1sntd1k78uB7kTS7tUbBLsWRm579X8TfdOB3SBS4S_L0Mi1Gpl-Sy0wJix2OYfkB2WwRorl4hjjdDbsRB-Mi0Xhu6r4BHNdI_4L0tlYzx44adzsYkmR-usBE96L0_ZxcePwzE6PuiXPFRkVW-VK1ruz-y9vKS6hc-xylEFnKtrL7WmYfqucOxcKbjh2MXCE-Y6Tg5E7HDpo63W07aV9rIzuWOqe9A:287:0:0:0:0:0:0:0:8ddeace3-3db9-497e-aabc-d19b23b4963f

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 98ms
98ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:28 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 6BF9 0
166 B 104ms
95ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:28 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ce144a70-7f9e-11ed-a7d8-3bcaccdc31d5.jpg
creatives.sportradarserving.com/ Frame A501 23 KB
24 KB 212ms
97ms Image
image/jpeg 2a02:26f0:3500:14::1724:a251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.sportradarserving.com/ce144a70-7f9e-11ed-a7d8-3bcaccdc31d5.jpg
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:14::1724:a251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 22422988179a455145a92ca06fe5a5250089a0d9c8fd6931ffbe07c13b369d62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:28 GMT
last-modified: Mon, 19 Dec 2022 13:12:35 GMT
server: AkamaiNetStorage
etag: "5483e1ec5d48868381f8b2a46bd18593:1671455555.807611"
content-type: image/jpeg
cache-control: max-age=600
accept-ranges: bytes
content-length: 24037
expires: Tue, 20 Dec 2022 04:11:28 GMT

GET
H2

200

RX-6e6a2204-7e1f-49dc-afd8-fea9eeebb89c-003
sync.targeting.unrulymedia.com/csync/ Frame A501
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1da418b4-fac2-4ca4-904a-4a3ef5d65f83
https://sync.1rx.io/usersync/bidswitch/59581c88-802c-4288-8832-6135eb3e7eb9?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/59581c88-802c-4288-8832-6135eb3e7eb9?zcc=1&cb=1671508888357
https://sync.targeting.unrulymedia.com/csync/RX-6e6a2204-7e1f-49dc-afd8-fea9eeebb89c-003

43 B
378 B

57ms
14ms

Image
image/gif

213.19.147.44
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-6e6a2204-7e1f-49dc-afd8-fea9eeebb89c-003
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D
Protocol: H2
Server: 213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:28 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-6e6a2204-7e1f-49dc-afd8-fea9eeebb89c-003
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:28 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2 200 xuid
eb2.3lift.com/ Frame A501 37 B
140 B 65ms
1ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7963&xuid=1da418b4-fac2-4ca4-904a-4a3ef5d65f83&dongle=3oy7
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cdb7d290-7f9e-11ed-a7d8-3bcaccdc31d5.jpg
creatives.sportradarserving.com/ Frame 53ED 50 KB
50 KB 146ms
61ms Image
image/jpeg 2a02:26f0:3500:14::1724:a251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.sportradarserving.com/cdb7d290-7f9e-11ed-a7d8-3bcaccdc31d5.jpg
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:14::1724:a251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ab64b6f4d68180cdaed46eaf515f32559a420a0fb222a2f5ffb724951dfcdbce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:28 GMT
last-modified: Mon, 19 Dec 2022 13:12:35 GMT
server: AkamaiNetStorage
etag: "205664ec20e12e21eacecf0573867523:1671455555.314025"
content-type: image/jpeg
cache-control: max-age=600
accept-ranges: bytes
content-length: 50927
expires: Tue, 20 Dec 2022 04:11:28 GMT

GET
H2

200

sync
partners.tremorhub.com/ Frame 53ED
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1da418b4-fac2-4ca4-904a-4a3ef5d65f83
https://partners.tremorhub.com/sync?UIBS=59581c88-802c-4288-8832-6135eb3e7eb9

43 B
183 B

321ms
93ms

Image
image/gif

2600:1f18:612b:4264:f0dc:d918:bf86:3244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIBS=59581c88-802c-4288-8832-6135eb3e7eb9
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D
Protocol: H2
Server: 2600:1f18:612b:4264:f0dc:d918:bf86:3244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 20 Dec 2022 04:01:28 GMT
server: Apache-Coyote/1.1
content-type: image/gif

Redirect headers

location: //partners.tremorhub.com/sync?UIBS=59581c88-802c-4288-8832-6135eb3e7eb9
date: Tue, 20 Dec 2022 04:01:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 xuid
eb2.3lift.com/ Frame 53ED 37 B
139 B 58ms
2ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7963&xuid=1da418b4-fac2-4ca4-904a-4a3ef5d65f83&dongle=3oy7
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 200
OK youronlinechoices_icon.png
eu.sportradarserving.com/ Frame 53ED 1 KB
2 KB 9ms
9ms Image
image/png 18.158.209.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/youronlinechoices_icon.png
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.209.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-209-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:28 GMT
Cache-Control: max-age=86400
Last-Modified: Thu, 01 Dec 2022 10:34:39 GMT
Connection: keep-alive
ETag: 16698908791319
Content-Length: 1319
Content-Type: image/png

GET
H/1.1 200
OK LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1m...
eu.sportradarserving.com/mimp/ Frame 53ED 43 B
220 B 11ms
10ms Image
image/gif 18.158.209.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/mimp/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.209.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-209-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKF...
eu.sportradarserving.com/mimp/ Frame A501 43 B
220 B 42ms
8ms Image
image/gif 18.158.209.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/mimp/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.209.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-209-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK youronlinechoices_icon.png
eu.sportradarserving.com/ Frame A501 1 KB
2 KB 42ms
8ms Image
image/png 18.158.209.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/youronlinechoices_icon.png
Requested by: Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.209.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-209-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:28 GMT
Cache-Control: max-age=86400
Last-Modified: Thu, 01 Dec 2022 10:34:39 GMT
Connection: keep-alive
ETag: 16698908791319
Content-Length: 1319
Content-Type: image/png

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame EA49 25 KB
25 KB 43ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1671508888292
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:28 GMT
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1671508888.dop103.fr8.t,1671508888.cds145.fr8.shn,1671508888.cds145.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=3f8db5bbeba5994b18ec076cacf1b8d&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g089_7179076008933868593&gdpr=0&gdpr_consent=null
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBR1u5jwlb_aowOhNaIdMqU&google_cver=1&gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
265 B

99ms
33ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Requested by: Host: pelotainvernal.com
URL: https://pelotainvernal.com/
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:28 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508888429069-501
Expires: Tue, 20 Dec 2022 04:01:28 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame EA49 301 B
800 B 49ms
23ms XHR
text/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fpelotainvernal.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:28 GMT
Server: nginx
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1671508888270045-564
Expires: Tue, 20 Dec 2022 04:01:28 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame EA49 67 B
692 B 161ms
130ms XHR
application/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C63065%2C1%2C5597867780232290793445366740%2C%2C&_fw_gdpr_consent=&vav=f60f09c69cca13d377e84f3ef3b72b8a&vaviv=12057a56c31c94184233c7e2a6434e21&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fpelotainvernal.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:28 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1671508888422004-554
Expires: Tue, 20 Dec 2022 04:01:28 GMT

GET
H2 204 sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8D...
onetag-sys.com/ping/ Frame 2536 0
28 B 16ms
10ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8DChJupqpzyiEL2UpFrKxX7OEcAztLpPENVyePQyuDM2u9FUAajmay779GFxUL:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0Ln678ZE-y5tOl0-LCJrXJMJX6C9CKgVqx8OQHaxAxJjHTyeowHKoB-t6XE0lgjmaxD0VEeaBq4zYN-K1rstPUECvIIEQnApFMljrri0VEMHfKodx5HcY1YUOE6szftyvQOksS8l2AkL92Sq1tSJhkCEspy7EQkKtGteddC8bKMV2GAmPZrveHwz4e-3nC1nUFulX7zgWwFbDqRazHHfcen7NznPk2U1qd6KaikFaCts69IUm95P6sPKOhsFjYmdCDzInElrGh-LNWO-mIbw2TfvkbeqHvYcUxLTSPQKFu91lqu1zilBRgJSqCJD1ARxjQrO0V9XfgFNcjc1F2Gjnc_-vpGrbB6MBGUlYej5ECfBtrJ3tv65AYe8VHYoQXO7tX0GS_wjN_2SRaJbwUWekGQ:1:0:0:0:0:0:0:0:c3fe2181-e4ac-4943-9ecb-da169b200965

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

GET
H2 204 sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8D...
onetag-sys.com/ping/ Frame 2536 0
28 B 15ms
9ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8DChJupqpzyiEL2UpFrKxX7OEcAztLpPENVyePQyuDM2u9FUAajmay779GFxUL:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0Ln678ZE-y5tOl0-LCJrXJMJX6C9CKgVqx8OQHaxAxJjHTyeowHKoB-t6XE0lgjmaxD0VEeaBq4zYN-K1rstPUECvIIEQnApFMljrri0VEMHfKodx5HcY1YUOE6szftyvQOksS8l2AkL92Sq1tSJhkCEspy7EQkKtGteddC8bKMV2GAmPZrveHwz4e-3nC1nUFulX7zgWwFbDqRazHHfcen7NznPk2U1qd6KaikFaCts69IUm95P6sPKOhsFjYmdCDzInElrGh-LNWO-mIbw2TfvkbeqHvYcUxLTSPQKFu91lqu1zilBRgJSqCJD1ARxjQrO0V9XfgFNcjc1F2Gjnc_-vpGrbB6MBGUlYej5ECfBtrJ3tv65AYe8VHYoQXO7tX0GS_wjN_2SRaJbwUWekGQ:287:0:0:0:0:0:0:0:c3fe2181-e4ac-4943-9ecb-da169b200965

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

40ms
19ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:28 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508888418004-546
Expires: Tue, 20 Dec 2022 04:01:28 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

439ms
105ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Requested by

Host: pelotainvernal.com
URL: https://pelotainvernal.com/

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B2QVBK0JC2ZHNNR4DE9K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:28 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508888043096-506
Expires: Tue, 20 Dec 2022 04:01:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DD38 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3gJIitNvANuhAEVons6MRictMlaC6GUZWy7oAk430ylca302iRI-i61uIpwBqOPFVObK6B4heWMpLTKBEQpSODh83iO-WrE4GPLm9qHua8xkZKnWo&sig=Cg0ArKJSzLXKaQGLeCZJEAE&id=lidar2&mcvt=1000&p=485,275,575,1003&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1811199381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671508886913&rpt=560&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F56D 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzWgXjUwQoIhrYfEcyLKYdwQTMbS1xhLzK7iDUO2jeAruJkaPlGlwDztCArd60GWJ6zluuHwa7xYaMovgGk1xsYAOYvg0stWpMD482nNr_ET1GrZxY&sig=Cg0ArKJSzLb4CsWVl3--EAE&id=lidar2&mcvt=1005&p=507,1149,1107,1449&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2344183488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671508886889&rpt=593&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 6BF9 0
166 B 100ms
100ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:28 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:28 GMT
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 27ms
27ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bf65be9da1a437a26e253627ab0f2f09609df931eb9164800a45b0f5da7dbcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11276
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:01:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5CA1 13 KB
5 KB 47ms
29ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 23:16:29 GMT
expires: Tue, 19 Dec 2023 23:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A692 783 B
536 B 36ms
28ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ae4a5ec274db055275c64c8c89e892fa91952d2ee8b589521ed1f5525659aaef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ko6qIW8J2wGLJA6hWuWO8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pelotainvernal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-ko6qIW8J2wGLJA6hWuWO8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:01:28 GMT
expires: Tue, 20 Dec 2022 04:01:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A692 0
0 54ms
46ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=418215545120311&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CA1 36 KB
16 KB 16ms
10ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 10:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 10:55:03 GMT

GET
H2 200 ad Show response
v.lkqd.net/ Frame E290 2 KB
2 KB 97ms
97ms XHR
application/xml 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=86042369&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: c1cd39a2844d8032262c534ac0b3c183201495f8c9af2d47693fb39b00916db1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:29 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1355

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 557C 230 KB
61 KB 24ms
22ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:29 GMT
content-encoding: gzip
x-sp-metadata: HS256.CKmDhZ0GEogBCiRkNWIwZmY0ZS1hYWVmLTQ5ZTQtYjM3MC1kZmYzYWYyNTJmNTAQkKbXzNb5+wIaBgiZ54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDU2NWEyMDg1LTZmZjQtNDY1Ny04YjBkLWU2NzdmZDIwN2M1MxjF5AMiGAgCEhRjZHMzMjIubG80Lmh3Y2RuLm5ldA==.OBZcHX2m3PJTVIGqKUknNX0ciReKsmMW5h1Gthh3N8M=
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1671508889.cds074.lo4.hn,1671508889.cds322.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H2 204 /
onetag-sys.com/usync/ 0
38 B 10ms
8ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H/1.1 200
OK cksync.php
cs.media.net/ 44 B
410 B 159ms
48ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:29 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 44
X-MNET-HL2: E
Expires: Tue, 20 Dec 2022 04:01:29 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=910000&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
https://p.rfihub.com/cm?in=1&pub=2079&gdpr=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922980446165

43 B
766 B

80ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922980446165
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922980446165
Date: Tue, 20 Dec 2022 04:01:29 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 1776 4 KB
2 KB 33ms
28ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 20 Dec 2022 04:01:29 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671508889.cds074.lo4.hn,1671508889.cds074.lo4.c
x-sp-metadata: HS256.CKmDhZ0GEogBCiQ5NTQ0ODYyOS1kZWFlLTQ4MWItYTE0My03MjNiMzkxNWM0NTcQkKbXzNb5+wIaBgiZ54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGE4MzE1YmU0LWM5ZWEtNDFlNi1iMGUwLWRiY2ZjZWY3ZjkxZhjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.kssUDovnZ/o9eiQ3nWrtIze00yyHajvmO4NECl3mZlk=

POST
H2 200 ad Show response
v.lkqd.net/ Frame 557C 11 KB
3 KB 259ms
257ms XHR
application/json 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=86042369&m=&rtv=1&thost=pelotainvernal.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 07ffc662409960f68206a28af3e399cd8ac775c7f247c8c28971b50b89b407f2

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 04:01:29 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2471

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 99ms
95ms Preflight 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=86042369&m=&rtv=1&thost=pelotainvernal.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Tue, 20 Dec 2022 04:01:29 GMT
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5CA1 0
11 B 32ms
6ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sMbMgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 1776
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=a73a1958-da64-4534-9435-3ce253ef4056

43 B
308 B

95ms
95ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=a73a1958-da64-4534-9435-3ce253ef4056
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:29 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=a73a1958-da64-4534-9435-3ce253ef4056
date: Tue, 20 Dec 2022 04:01:29 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 1776 43 B
308 B 97ms
91ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:29 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 1776 43 B
308 B 98ms
92ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:29 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 1776
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

43 B
308 B

95ms
92ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:29 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 1776
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

43 B
308 B

113ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:29 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Date: Tue, 20 Dec 2022 04:01:29 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1m...
eu.sportradarserving.com/vimp/ Frame 53ED 43 B
220 B 9ms
8ms Image
image/gif 18.158.209.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/vimp/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.209.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-209-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4/$%7BCLICK_URL_ENC%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKF...
eu.sportradarserving.com/vimp/ Frame A501 43 B
220 B 17ms
15ms Image
image/gif 18.158.209.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/vimp/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.209.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-209-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.sportradarserving.com/ul_cb/content/rtEkk-GaZK9e_6diICu25iLdAc1iEHE44HcKOV2RrzvyUvke-hCkHNtxc4Mjbkx_W93scW9OE83Q2w9Zp852jtNIjHTMbVyud5sXCsoqDj7KBnA4iNRjpWVCPCHW9AGM_LLrE-BgXRHP4x2PYCc0boKSbs1VHdLZlTulMfmXdz-lEh6WJCiAAn1FQgzFb393gcmKFi13C3agWXKXjYtXJ74iCL07JDJl0Xhmge9-vNOXq8iMStfE8A8dAXybHcZsmcqciOV9F8qHiqIWR_vevxX2tDI1gEH71KdpqGLp3y4TiSY4jGhgLAW9rA5lND3YdUacERw3A4UxNIdyIwfkiTl7EPH7v8DUxC3OaQoB7ddBZOTiAlE0RpK7Bx4OvxCe0h37v2shfadzNLS56Mhn5zKeEsoxlt8xdjp1TmbuUs-TGJVQtUWAyrGERnzkGsyBASjeYtiI-d_hrX6SFLBcRZk7B0WDyI-tJuHiXKQ0rA-vtn_dCchKHK1UqlJOc9BNm-iMKV_l_iAIPN557TC3OQZhnv1XI80mvMF0DxZt7JoG6re0FolvH2ZXoMvUhAdXv1biICCxfrfdIc0kYeqadI9VfwOPxKLhiIM4P7X5o7yxS5h2bfrkjr7YL9RkjYqD8vnBm7_VRWG6642D4cQf5mHrA7-cChcBwc1bPcAMIzEwEN5kJdxXFaZENaixyU5jmYJPc41gV5mObRSOjx5BlvXMCU8yEmEd2jIofOTic0u3OObAZ_b5KG-VakawhfWhgNxUy84qgEVMgV6GDxisjqo93FedCWWmd02VRGhghluPpgE9oEuvzLEKeZMt0QwcLALKjYQ9UbFEvhncxZnWxijyKvzjoNF_Ksj687_LSdxwkUIIxgs7PvLd17LjPDxKXMihQHE3CmpELDIdrRYm7uMTGrkF7K38hd7Exv_AJAJwJUvV1Gyuit6x-kSnMCRf_k3I7kJaVIdL8763FEX9fSo4kP_DlG7BKhzbzVchHr3YojY7VsMU4YYeimX7LquaP74OX6XxMvjRgc0/$%7BCLICK_URL_ENC%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 t Show response
t.lkqd.net/ Frame 6615 0
166 B 104ms
100ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:29 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 115ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:29 GMT
server: nginx

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 22ms
21ms XHR
application/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C20868609754173957281144577918%2C%2C&_fw_gdpr=&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 40b107e68e62d14c40937f2eecee8427122e790af600cc95c07e4de011c267eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:29 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1671508889637016-595
Expires: Tue, 20 Dec 2022 04:01:29 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:29 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 6615 0
166 B 97ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:29 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 557C 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 16C1 342 KB
116 KB 7ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1671508888.dop123.fr8.t,1671508889.cds143.fr8.shn,1671508889.cds143.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 117960

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 16C1 25 KB
25 KB 7ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1671508889734
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:29 GMT
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1671508888.dop103.fr8.t,1671508889.cds145.fr8.shn,1671508889.cds145.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 16C1 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
264 B

32ms
31ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:29 GMT
Server: nginx
nnCoection: close
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Access-Control-Allow-Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508889525052-532
Expires: Tue, 20 Dec 2022 04:01:29 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 16C1 301 B
800 B 24ms
23ms XHR
text/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fpelotainvernal.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:29 GMT
Server: nginx
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1671508889449078-520
Expires: Tue, 20 Dec 2022 04:01:29 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 16C1 67 B
692 B 130ms
129ms XHR
application/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C63065%2C1%2C20868609754173957281144577918%2C%2C&_fw_gdpr_consent=&vav=3b99c2423da2caba8b5ad2a960ad8531&vaviv=34315d082c8ea178958fcdf068d58d4e&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fpelotainvernal.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:29 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1671508889628035-516
Expires: Tue, 20 Dec 2022 04:01:29 GMT

GET user-matching
ads.stickyadstv.com/ Frame 16C1 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:29 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508889462075-566
Expires: Tue, 20 Dec 2022 04:01:29 GMT

GET user-matching
ads.stickyadstv.com/ Frame 16C1 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

108ms
108ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SE7TPBB2NDHV7EB8Y28H
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:29 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508889563085-550
Expires: Tue, 20 Dec 2022 04:01:29 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 6615 0
166 B 98ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:30 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:29 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=418215545120311&bg=!4OOl46fNAAYgquz3AKo7ACkAdvg8Wn5gWT1s9SZmRSQvm6-onbK1MPpjyoz-aj3Ml82GiQ2TFR3H3AIAAAEaUgAAAANoAQeZAuLsDYXdCDZfE_IZPp5HHVrf2xHkTDZAMrq3XFvmqSbN1FOMHpc_kUgugX9pDE7TMgM739S2fWR41EPGOA6lXYDVhQMgW9dkWqf3SmonCPzajWKnluEJ8-VfLw88Z-eK9rWolgJ1t9DCYQBAPAa28Cm3u0hi73sDMgVenxJ4TyyR6KfXexFRL_47cKJwPXrhVbWxtRHKHCLLnrOm9-IAGp8UsuLW0TdD21WraiMu1lP8ZbFRFdGQVEm8FYQ0-kvEVVnw2RxP5V-2JNUfLK4ZCt7VQR7cyjFETu53OC73FgzVxZ0hw_KUdcoH8KEs6Bk1KBfcHc4JdZpvZebYkriyx_K4WrCtUymZCXDpGF8IPUc-71rC_EA98yUYo3A2Lf7cscHPS3iu17qmlz2T5vtApD-h2IA_OIMb5yhZmQ_cr2D_Fa4S1Mr8SCq2xt7mI8CSEvXcL0Kjn-l4eHeqfRwUKT_WVYc6dxO_g29xoe9KB4vensRtzstBH1xRC-_-zX1fNSu_glymC_mTWpDZBBRLjQO6xH-sYraqSqlMSq6yeVQdnhKf2GlP-zDUbHyvIuMa1977bwSuDEBAbNmGa2ZHWdAwfxpFlx7-MBn0UQs1OIiDYWiJEfXn2I_cTZF6TBb5S5jgIozNGljzdUqpjVo2zeGWvgl8AIT8vPzDqSLUGN51r7a5Es5M453drFNWjrKiDS-AyxdFVZfu0PAPtsxjzaJxA4TGBf5ipndF3qoi5vvM8ntMwNhhLSzLwKkF_aZaeuPP1O6j1FllpwQ07OkCQCweH77qiVBTqIQt0yO7COKMWvREIkL95SbJ8h4WFu2LwdOntOQY-QtS90uyErIeKP3Et4Dz5iExzrnYigb8r7251jVQi-5XkNgkRtiEpJl4EA1Pfo_n5NS2mDiP-wY8kjWBIGI1117WhbZjD8y5XVvkqpOcM3Gtm38Y-jH6BELsoQ3DNKx05vSYgD2C1T0jbjbS1NQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

POST
H2 200 t Show response
t.lkqd.net/ Frame 6615 0
166 B 97ms
96ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:30 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:29 GMT
server: nginx

GET
H2 200 ad Show response
v.lkqd.net/ Frame E290 2 KB
2 KB 93ms
93ms XHR
application/xml 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=54055691&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: d136a971dd9f41943b042636988e8b6c23dcea5fc7d18a906c4af22a59039f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:30 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1358

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;skdP0Zyi-BGCas7JvuQE5axX7OEcAztLpPENVyePQytokQ2T2BX-WIOBsOP_waIQ:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0nrF29RXqF4ruoUUVrIoZvlfMYiM6qZR53d6x9M_Zi1zRVYp7oed7RQbfoBtrFqlHvHzN4q1ELf3LkROLfuqL_pw7FwpuOHYxcIT5jpODkTtYPziBaWIWImbHOAPx9bL55QH0yWHyv0wqYRIOxgFq7-Ssh9nGCpZFwISSS-q0Lb4NJSzIrOorgYdez1sntd1k78uB7kTS7tUbBLsWRm579X8TfdOB3SBS4S_L0Mi1Gpl-Sy0wJix2OYfkB2WwRorl4hjjdDbsRB-Mi0Xhu6r4BHNdI_4L0tlYzx44adzsYkmR-usBE96L0_ZxcePwzE6PuiXPFRkVW-VK1ruz-y9vKS6hc-xylEFnKtrL7WmYfqucOxcKbjh2MXCE-Y6Tg5E7HDpo63W07aV9rIzuWOqe9A:6:0:0:0:0:0:0:0:8ddeace3-3db9-497e-aabc-d19b23b4963f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;skdP0Zyi-BGCas7JvuQE5axX7OEcAztLpPENVyePQytokQ2T2BX-WIOBsOP_waIQ:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0nrF29RXqF4ruoUUVrIoZvlfMYiM6qZR53d6x9M_Zi1zRVYp7oed7RQbfoBtrFqlHvHzN4q1ELf3LkROLfuqL_pw7FwpuOHYxcIT5jpODkTtYPziBaWIWImbHOAPx9bL55QH0yWHyv0wqYRIOxgFq7-Ssh9nGCpZFwISSS-q0Lb4NJSzIrOorgYdez1sntd1k78uB7kTS7tUbBLsWRm579X8TfdOB3SBS4S_L0Mi1Gpl-Sy0wJix2OYfkB2WwRorl4hjjdDbsRB-Mi0Xhu6r4BHNdI_4L0tlYzx44adzsYkmR-usBE96L0_ZxcePwzE6PuiXPFRkVW-VK1ruz-y9vKS6hc-xylEFnKtrL7WmYfqucOxcKbjh2MXCE-Y6Tg5E7HDpo63W07aV9rIzuWOqe9A:601:0:0:0:0:0:0:0:8ddeace3-3db9-497e-aabc-d19b23b4963f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 8FFA 230 KB
61 KB 23ms
22ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:30 GMT
content-encoding: gzip
x-sp-metadata: HS256.CKqDhZ0GEogBCiQxZDk4YjZjNy01OWI3LTRlNzItYjkyYS01YjA4ZDVhNzIzMjUQkKbXzNb5+wIaBgia54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGZkNWFhNDUzLTQyOWUtNDA5Ni05MThmLTg5ZDRhMTM2MDJlMRjF5AMiGAgCEhRjZHMzMjIubG80Lmh3Y2RuLm5ldA==.2HsFyvFWZ6a14Kf7A972HOu1SXHefyZfcpJrNGUl06w=
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1671508890.cds074.lo4.hn,1671508890.cds322.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 9FF5 4 KB
2 KB 23ms
22ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 20 Dec 2022 04:01:30 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671508890.cds074.lo4.hn,1671508890.cds074.lo4.c
x-sp-metadata: HS256.CKqDhZ0GEogBCiQyNTJkYjlhMC01ODVmLTRkMWYtYTg2ZS1kNmI3NGM2YzI0ZjcQkKbXzNb5+wIaBgia54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDNiNTIxYWU3LTc5N2ItNDI2Ny04NTc3LTU4M2JlZTA0ZDFiZRjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.zoNDMdzdSGrq3Ryo47tJFu4RvsO2hMPSxJuSnQaKK/8=

POST
H2 200 ad Show response
v.lkqd.net/ Frame 8FFA 11 KB
3 KB 116ms
115ms XHR
application/json 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=54055691&m=&rtv=1&thost=pelotainvernal.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3bea18ec7510e834e69c41e3d825aa26802f3e2c3987855fb0d744dfe5eefdb0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 04:01:31 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2485

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 96ms
96ms Preflight 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=54055691&m=&rtv=1&thost=pelotainvernal.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Tue, 20 Dec 2022 04:01:30 GMT
server: nginx

GET
H2 204 sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8D...
onetag-sys.com/ping/ Frame 2536 0
28 B 8ms
7ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8DChJupqpzyiEL2UpFrKxX7OEcAztLpPENVyePQyuDM2u9FUAajmay779GFxUL:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0Ln678ZE-y5tOl0-LCJrXJMJX6C9CKgVqx8OQHaxAxJjHTyeowHKoB-t6XE0lgjmaxD0VEeaBq4zYN-K1rstPUECvIIEQnApFMljrri0VEMHfKodx5HcY1YUOE6szftyvQOksS8l2AkL92Sq1tSJhkCEspy7EQkKtGteddC8bKMV2GAmPZrveHwz4e-3nC1nUFulX7zgWwFbDqRazHHfcen7NznPk2U1qd6KaikFaCts69IUm95P6sPKOhsFjYmdCDzInElrGh-LNWO-mIbw2TfvkbeqHvYcUxLTSPQKFu91lqu1zilBRgJSqCJD1ARxjQrO0V9XfgFNcjc1F2Gjnc_-vpGrbB6MBGUlYej5ECfBtrJ3tv65AYe8VHYoQXO7tX0GS_wjN_2SRaJbwUWekGQ:6:0:0:0:0:0:0:0:c3fe2181-e4ac-4943-9ecb-da169b200965

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

GET
H2 204 sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8D...
onetag-sys.com/ping/ Frame 2536 0
28 B 7ms
7ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;RY8DChJupqpzyiEL2UpFrKxX7OEcAztLpPENVyePQyuDM2u9FUAajmay779GFxUL:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0Ln678ZE-y5tOl0-LCJrXJMJX6C9CKgVqx8OQHaxAxJjHTyeowHKoB-t6XE0lgjmaxD0VEeaBq4zYN-K1rstPUECvIIEQnApFMljrri0VEMHfKodx5HcY1YUOE6szftyvQOksS8l2AkL92Sq1tSJhkCEspy7EQkKtGteddC8bKMV2GAmPZrveHwz4e-3nC1nUFulX7zgWwFbDqRazHHfcen7NznPk2U1qd6KaikFaCts69IUm95P6sPKOhsFjYmdCDzInElrGh-LNWO-mIbw2TfvkbeqHvYcUxLTSPQKFu91lqu1zilBRgJSqCJD1ARxjQrO0V9XfgFNcjc1F2Gjnc_-vpGrbB6MBGUlYej5ECfBtrJ3tv65AYe8VHYoQXO7tX0GS_wjN_2SRaJbwUWekGQ:601:0:0:0:0:0:0:0:c3fe2181-e4ac-4943-9ecb-da169b200965

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

GET

cs
cs.lkqd.net/ Frame 9FF5
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d5f36639-70f2-40d6-a733-49a031b1b0c0

0
0

GET
H2 200 cs
cs.lkqd.net/ Frame 9FF5 43 B
308 B 93ms
92ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:30 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9FF5 43 B
308 B 92ms
91ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:30 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 9FF5
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

43 B
308 B

91ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:30 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 9FF5
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

43 B
308 B

92ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:31 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Date: Tue, 20 Dec 2022 04:01:30 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

POST
H2 200 t Show response
t.lkqd.net/ Frame BFCE 0
166 B 96ms
96ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:31 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:31 GMT
server: nginx

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 22ms
21ms XHR
application/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C64748703305954979871737006632%2C%2C&_fw_gdpr=&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c356202a29d9bc9718f3d2f660f9d77e36091207ca6a354d21cd7ef444b6e893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:31 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1671508891099008-587
Expires: Tue, 20 Dec 2022 04:01:31 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:31 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame BFCE 0
166 B 99ms
98ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:31 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 8FFA 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 92A4 342 KB
116 KB 7ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1671508888.dop123.fr8.t,1671508891.cds143.fr8.shn,1671508891.cds143.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 117960

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 92A4 25 KB
25 KB 7ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1671508891205
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:31 GMT
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1671508888.dop103.fr8.t,1671508891.cds145.fr8.shn,1671508891.cds145.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 92A4 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
264 B

32ms
31ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:31 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508891105028-554
Expires: Tue, 20 Dec 2022 04:01:31 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 92A4 301 B
800 B 23ms
23ms XHR
text/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fpelotainvernal.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:31 GMT
Server: nginx
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1671508891286000-597
Expires: Tue, 20 Dec 2022 04:01:31 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 92A4 67 B
692 B 79ms
78ms XHR
application/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C63065%2C1%2C64748703305954979871737006632%2C%2C&_fw_gdpr_consent=&vav=1a15abe7e8caa035e13210dab265769a&vaviv=c4cc6b554f6f7d326bb4b8920feb4b5a&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fpelotainvernal.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:31 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1671508891185037-596
Expires: Tue, 20 Dec 2022 04:01:31 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame BFCE 0
166 B 97ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:31 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:31 GMT
server: nginx

GET user-matching
ads.stickyadstv.com/ Frame 92A4 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:31 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508891285006-600
Expires: Tue, 20 Dec 2022 04:01:31 GMT

GET user-matching
ads.stickyadstv.com/ Frame 92A4 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

112ms
111ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZG7MNGAS7RR01CNABC9M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:31 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508891154043-582
Expires: Tue, 20 Dec 2022 04:01:31 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:31 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame BFCE 0
166 B 97ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:31 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame E290 2 KB
2 KB 94ms
93ms XHR
application/xml 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=97625222&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d5092023a806a644ff0f65c88d82aeb4b3effc1731c578cfd8f50d564e4c59c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:31 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1357

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 2168 230 KB
61 KB 22ms
22ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:32 GMT
content-encoding: gzip
x-sp-metadata: HS256.CKyDhZ0GEogBCiRhZWU4Y2VhNS05MmQ1LTQyYzEtYjJmMS04MjgzNzgwYmVlMmUQkKbXzNb5+wIaBgic54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGI0ZGY3NGY0LTM2MzQtNDhmMy1hODc1LTYyMzQ4MzNjMGVhZBjF5AMiGAgCEhRjZHMzMjIubG80Lmh3Y2RuLm5ldA==./evYHw4GxsvkXwLch5dJoHXKs1udZ1PUYaHj21G2Qa0=
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1671508892.cds074.lo4.hn,1671508892.cds322.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 85C6 4 KB
2 KB 23ms
22ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 20 Dec 2022 04:01:32 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671508892.cds074.lo4.hn,1671508892.cds074.lo4.c
x-sp-metadata: HS256.CKyDhZ0GEogBCiQ0YTFiNWM4OC01ZTA5LTQ2YzUtOTUwYS1lNmYzNTAyZmVkODcQkKbXzNb5+wIaBgic54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGQ4NzhmYWViLTk2NzMtNDNmMy1iMGNkLTBmMWFjNTU0MDBlZRjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.LJrt5llOjbbJIFNp54+yx5F8hwN91gQF6itv7AEtBqE=

POST
H2 200 ad Show response
v.lkqd.net/ Frame 2168 18 KB
3 KB 241ms
241ms XHR
application/json 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=97625222&m=&rtv=1&thost=pelotainvernal.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c8bff5c80409adfdc10df0bead21c943f740f0011914237519571c7815fb94f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 04:01:32 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2814

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 321ms
320ms Preflight 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=97625222&m=&rtv=1&thost=pelotainvernal.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Tue, 20 Dec 2022 04:01:32 GMT
server: nginx

GET
H2 200 cs
cs.lkqd.net/ Frame 85C6 43 B
308 B 92ms
91ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 85C6 43 B
308 B 93ms
92ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 85C6
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

43 B
308 B

91ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 85C6
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

43 B
308 B

92ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Date: Tue, 20 Dec 2022 04:01:32 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame 85C6
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d2371f7a-f3d9-4aa2-af9f-b4cc60b7f2c8

43 B
308 B

91ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d2371f7a-f3d9-4aa2-af9f-b4cc60b7f2c8
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d2371f7a-f3d9-4aa2-af9f-b4cc60b7f2c8
date: Tue, 20 Dec 2022 04:01:32 GMT
server: _
content-length: 0

POST
H2 200 t Show response
t.lkqd.net/ Frame 8816 0
166 B 97ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:32 GMT
server: nginx

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 24ms
23ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fpelotainvernal.com%2F&cb=1226186787&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C53404574838045880991232009920%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:32 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.004382
X-SpotX-Timing-Transform: 0.000277
Content-Encoding: gzip
X-SpotX-Timing-SpotMarket: 0.004382
X-SpotX-Timing-Page-Require: 0.000293
X-fe: 114
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.002421
X-SpotX-Timing-Page-Cookie: 0.000020
Content-Length: 79
X-SpotX-Timing-Page: 0.008466
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000244
Last-Modified: Tue, 20 Dec 2022 04:01:32 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
X-SpotX-Timing-Page-Exception: 0.000001
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000008
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000820
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 21ms
21ms XHR
application/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C53404574838045880991933032474%2C%2C&_fw_gdpr=&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9594d1f291ed60de3c7e557f39a215574fa481c65da262820513905f02c9ac00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:32 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1671508892351076-595
Expires: Tue, 20 Dec 2022 04:01:32 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
93ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:32 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 8816 0
166 B 97ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2168 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 5A6D 342 KB
116 KB 8ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1671508888.dop123.fr8.t,1671508892.cds143.fr8.shn,1671508892.cds143.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 117960

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 5A6D 25 KB
25 KB 8ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1671508892680
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:32 GMT
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1671508888.dop103.fr8.t,1671508892.cds145.fr8.shn,1671508892.cds145.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 5A6D 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
264 B

32ms
32ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:32 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508892348080-551
Expires: Tue, 20 Dec 2022 04:01:32 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 5A6D 301 B
800 B 21ms
21ms XHR
text/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fpelotainvernal.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:32 GMT
Server: nginx
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1671508892695005-545
Expires: Tue, 20 Dec 2022 04:01:32 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 5A6D 67 B
692 B 134ms
131ms XHR
application/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C63065%2C1%2C53404574838045880991933032474%2C%2C&_fw_gdpr_consent=&vav=fb4d8e2d0973bdb5b4e3a34928f46fb9&vaviv=34315d082c8ea178958fcdf068d58d4e&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fpelotainvernal.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:32 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1671508892339087-544
Expires: Tue, 20 Dec 2022 04:01:32 GMT

GET user-matching
ads.stickyadstv.com/ Frame 5A6D 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

21ms
21ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:32 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508892697008-603
Expires: Tue, 20 Dec 2022 04:01:32 GMT

GET user-matching
ads.stickyadstv.com/ Frame 5A6D 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

111ms
110ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DAC26MAK8BNJK3X1D7XH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:32 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508892572046-526
Expires: Tue, 20 Dec 2022 04:01:32 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 8816 0
166 B 97ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 8816 0
166 B 97ms
96ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:33 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:32 GMT
server: nginx

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:32 GMT
server: nginx

GET
H2 200 ad Show response
v.lkqd.net/ Frame E290 2 KB
2 KB 93ms
93ms XHR
application/xml 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=92360505&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2df18e778c12b663732747ea4aff7351a59f592ad30ab3b19156dc8f89984037

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:33 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1358

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame A602 230 KB
61 KB 22ms
22ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:33 GMT
content-encoding: gzip
x-sp-metadata: HS256.CK2DhZ0GEogBCiQyN2Q1NWFhNC0yMjVmLTQ4YWEtODI4Ny02Nzg0ZTNkY2M1NzIQkKbXzNb5+wIaBgid54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDU2N2EzMjIxLWQ3ZWItNGZiNi1hMzc2LThhNjhmODU0Y2JjMRjF5AMiGAgCEhRjZHMzMjIubG80Lmh3Y2RuLm5ldA==.XVc26jGpqxwMnMEf9BqJRIDcLQCp+lqVZ8Fhwng9O1U=
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1671508893.cds074.lo4.hn,1671508893.cds322.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame F490 4 KB
2 KB 24ms
23ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 20 Dec 2022 04:01:33 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671508893.cds074.lo4.hn,1671508893.cds074.lo4.c
x-sp-metadata: HS256.CK2DhZ0GEogBCiQ5ZmUwNDE5OS01N2EwLTQ2ZTYtYjQ4MC01ZGIxZTYxNTYwZjUQkKbXzNb5+wIaBgid54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGVhM2ZjYWQxLWU5ODctNDNiZS04YzRhLTVjMDE3ODFiM2NkYxjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.JMMEH432L3fTVzV9ZvABSCxXCzW4YlzekyHvDxrhKns=

POST
H2 200 ad Show response
v.lkqd.net/ Frame A602 19 KB
3 KB 117ms
117ms XHR
application/json 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=92360505&m=&rtv=1&thost=pelotainvernal.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f364f30b25ec8ff7b9d9769406d196d9a4599151dc54202c81fbf2aa2259394

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 04:01:33 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3154

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 150ms
150ms Preflight 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=92360505&m=&rtv=1&thost=pelotainvernal.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Tue, 20 Dec 2022 04:01:33 GMT
server: nginx

GET
H2

200

cs
cs.lkqd.net/ Frame F490
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b338571a-ef83-4df4-90bd-96fbd03e6414

43 B
308 B

91ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b338571a-ef83-4df4-90bd-96fbd03e6414
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:33 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b338571a-ef83-4df4-90bd-96fbd03e6414
date: Tue, 20 Dec 2022 04:01:33 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame F490 43 B
308 B 92ms
91ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:33 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame F490 43 B
308 B 93ms
92ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:33 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame F490
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

43 B
308 B

91ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:33 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:33 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame F490
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

43 B
308 B

91ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:33 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ
Date: Tue, 20 Dec 2022 04:01:33 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

POST
H2 200 t Show response
t.lkqd.net/ Frame F6E6 0
166 B 97ms
96ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:33 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:33 GMT
server: nginx

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 24ms
23ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fpelotainvernal.com%2F&cb=2021673730&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C74239744474197569481039496457%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:33 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.004210
X-SpotX-Timing-Transform: 0.000258
Content-Encoding: gzip
X-SpotX-Timing-SpotMarket: 0.004210
X-SpotX-Timing-Page-Require: 0.000355
X-fe: 004
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.002348
X-SpotX-Timing-Page-Cookie: 0.000020
Content-Length: 79
X-SpotX-Timing-Page: 0.008298
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000279
Last-Modified: Tue, 20 Dec 2022 04:01:33 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
X-SpotX-Timing-Page-Exception: 0.000000
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000010
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000818
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 22ms
21ms XHR
application/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63065%2C1%2C74239744474197569481784005806%2C%2C&_fw_gdpr=&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1dff7355229e2b2fc0ee6946c28093af61f565e7426d63e9f21b3ca4e5e46413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:33 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1671508893777011-590
Expires: Tue, 20 Dec 2022 04:01:33 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
95ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:33 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame F6E6 0
166 B 97ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:33 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame A602 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 8B07 342 KB
116 KB 7ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1671508888.dop123.fr8.t,1671508893.cds143.fr8.shn,1671508893.cds143.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 117960

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 8B07 25 KB
25 KB 8ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1671508893871
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:01:33 GMT
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1671508888.dop103.fr8.t,1671508893.cds145.fr8.shn,1671508893.cds145.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 8B07 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
264 B

32ms
32ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:33 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508893775028-521
Expires: Tue, 20 Dec 2022 04:01:33 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 8B07 301 B
800 B 21ms
21ms XHR
text/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fpelotainvernal.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:33 GMT
Server: nginx
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1671508893904003-516
Expires: Tue, 20 Dec 2022 04:01:33 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 8B07 67 B
692 B 71ms
71ms XHR
application/xml 95.101.27.149
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C63065%2C1%2C74239744474197569481784005806%2C%2C&_fw_gdpr_consent=&vav=9128156f724e00ff41c8f4fbdda65bc2&vaviv=0582cc6c1ea418b969d39d510b43160e&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fpelotainvernal.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:33 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://pelotainvernal.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1671508893812035-601
Expires: Tue, 20 Dec 2022 04:01:33 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame F6E6 0
166 B 97ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:33 GMT
server: nginx

GET user-matching
ads.stickyadstv.com/ Frame 8B07 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:01:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:33 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2Y4ZGI1YmJlYmE1OTk0YjE4ZWMwNzZjYWNmMWI4ZA==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508893821031-562
Expires: Tue, 20 Dec 2022 04:01:33 GMT

GET user-matching
ads.stickyadstv.com/ Frame 8B07 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

107ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pelotainvernal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8DQH41FWXE6PMCKZTGF4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Dec 2022 04:01:33 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=3f8db5bbeba5994b18ec076cacf1b8d&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1671508893927007-504
Expires: Tue, 20 Dec 2022 04:01:33 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame F6E6 0
166 B 97ms
97ms XHR
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pelotainvernal.com
date: Tue, 20 Dec 2022 04:01:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
94ms Preflight
text/plain 146.20.128.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 04:01:34 GMT
server: nginx

GET
H2 200 ad Show response
v.lkqd.net/ Frame E290 2 KB
2 KB 107ms
106ms XHR
application/xml 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=69185003&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9debb385ae6bed6143b5e0725781a1f8e3bcfc7cc095512b8cae51497b11810d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:34 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://pelotainvernal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1357

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/ping/sLqofmr6OHzg2YRTQTREpEXnLrrs1Iejh-njZfZhsYGRo0IDpCs0xAefWqUMbrtAYOLWzD4cQHIqdD0TGQVV50lF2qCiOog37PHedLXeQ6KNtoNY-rnVTFcU0IW5Eh1kSOEylAeBFHGeCLyKIjhYgscLxEGCZzTWk5bpGtq5qEAum7pryzRP8d4fhJhUq0r9;skdP0Zyi-BGCas7JvuQE5axX7OEcAztLpPENVyePQytokQ2T2BX-WIOBsOP_waIQ:bNnli3e5aX1FymJuR5FMraUUxIRwqNmP-OdMvxMUvB6tSQgfVcpOpcZXlit_Fbk0nrF29RXqF4ruoUUVrIoZvlfMYiM6qZR53d6x9M_Zi1zRVYp7oed7RQbfoBtrFqlHvHzN4q1ELf3LkROLfuqL_pw7FwpuOHYxcIT5jpODkTtYPziBaWIWImbHOAPx9bL55QH0yWHyv0wqYRIOxgFq7-Ssh9nGCpZFwISSS-q0Lb4NJSzIrOorgYdez1sntd1k78uB7kTS7tUbBLsWRm579X8TfdOB3SBS4S_L0Mi1Gpl-Sy0wJix2OYfkB2WwRorl4hjjdDbsRB-Mi0Xhu6r4BHNdI_4L0tlYzx44adzsYkmR-usBE96L0_ZxcePwzE6PuiXPFRkVW-VK1ruz-y9vKS6hc-xylEFnKtrL7WmYfqucOxcKbjh2MXCE-Y6Tg5E7HDpo63W07aV9rIzuWOqe9A:569:0:0:0:0:0:0:0:8ddeace3-3db9-497e-aabc-d19b23b4963f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000

GET
H2 200 vpaid.js
ad.lkqd.net/vpaid/ Frame EAC4 230 KB
61 KB 22ms
22ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:34 GMT
content-encoding: gzip
x-sp-metadata: HS256.CK6DhZ0GEogBCiRmNTFjZWUwOS01MThiLTQwMDItOGVhNy03NzY2NTI2MTFlZDAQkKbXzNb5+wIaBgie54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDViN2MxMWJjLTA1ODYtNDBjMy05Y2JhLTRmZWFiNjVhNDNmMBjF5AMiGAgCEhRjZHMzMjIubG80Lmh3Y2RuLm5ldA==.l8+uVVnPqtsylnNQ5wKfTuc8hW1DpHh6n412dgtcTgM=
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1671508894.cds074.lo4.hn,1671508894.cds322.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame 3501 4 KB
2 KB 22ms
22ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 20 Dec 2022 04:01:34 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1671508894.cds074.lo4.hn,1671508894.cds074.lo4.c
x-sp-metadata: HS256.CK6DhZ0GEogBCiQxOTE2OTMzZS05NTRmLTQwOTgtOWIxNy1hMjVkNDgwZTE1NzEQkKbXzNb5+wIaBgie54SdBiINMTQ2LjcwLjExNy44NCjo/gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGZhN2JiZWJmLWJhNGItNDlhYS1iOGVkLWZmZTEyY2M1NzdhMxjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.wSiIG0+NuftoevtI5CNwam3IDWW/VP/unoNgbd5GGNY=

POST ad
v.lkqd.net/ Frame EAC4 0
0

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 114ms
113ms Preflight 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=69185003&m=&rtv=1&thost=pelotainvernal.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pelotainvernal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pelotainvernal.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Tue, 20 Dec 2022 04:01:34 GMT
server: nginx

GET

cs
cs.lkqd.net/ Frame 3501
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c3646b22-0298-4af6-9142-2d928c06068b

0
0

GET
H2 200 cs
cs.lkqd.net/ Frame 3501 43 B
308 B 93ms
92ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 3501 43 B
308 B 92ms
91ms Image
image/gif 146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 3501
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743

0
0

91ms
91ms

Image
image/gif

146.20.132.128
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.128 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:01:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3492642402628328743
pragma: no-cache
date: Tue, 20 Dec 2022 04:01:34 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET

cs
cs.lkqd.net/ Frame 3501
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d5f36639-70f2-40d6-a733-49a031b1b0c0

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: v.lkqd.net
URL: https://v.lkqd.net/ad?pid=430&sid=1171093&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpelotainvernal.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63065%2C1%2C&c4=true&c5=&c6=63065&rnd=69185003&m=&rtv=1&thost=pelotainvernal.com

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c3646b22-0298-4af6-9142-2d928c06068b

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mG-AO6qaT5xlwWzOl9PvspJGdVQ

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
s.pelotainvernal.com/	1970-01-20 08:28:33	Name: AWSALB Value: BV+0Re6XJqMR1Mi6m4oIIyGnRXc/8Q8prRw6xaZVj1X2oy+nK8J1Es1i4Ily8dzoKmpxYRYqQ3j6bY2Z6JPbsumjPVczz2zXqqZOWagrN2q5M6z/5VB6CuO40SxP
s.pelotainvernal.com/	1970-01-20 08:28:33	Name: AWSALBCORS Value: BV+0Re6XJqMR1Mi6m4oIIyGnRXc/8Q8prRw6xaZVj1X2oy+nK8J1Es1i4Ily8dzoKmpxYRYqQ3j6bY2Z6JPbsumjPVczz2zXqqZOWagrN2q5M6z/5VB6CuO40SxP
.pelotainvernal.com/	1970-01-20 17:54:28	Name: _ga Value: GA1.2.1681588742.1671508884
.pelotainvernal.com/	1970-01-20 08:19:55	Name: _gid Value: GA1.2.1301188506.1671508884
.pelotainvernal.com/	1970-01-20 08:18:28	Name: _gat_gtag_UA_19230497_1 Value: 1
.pelotainvernal.com/	1970-01-20 17:40:04	Name: __gads Value: ID=7e3231aa31424b1b:T=1671508883:S=ALNI_MY6CEIYgcdcqal2vLZyabDH-aQGjQ
.pelotainvernal.com/	1970-01-20 17:40:04	Name: __gpi Value: UID=00000b9563e07d7c:T=1671508883:RT=1671508883:S=ALNI_MYvxyjvW9PtgHICj7KvgTuO1zR8AQ
.doubleclick.net/	1970-01-20 17:40:04	Name: IDE Value: AHWqTUlZaJKG2uEA-abw_bcY1wLCyk3RPJ9D74ps3NZSL4km2MALfEGaJC4qZ4dYSpU
.doubleclick.net/	1970-01-20 08:18:29	Name: test_cookie Value: CheckForPermission
pelotainvernal.com/	1970-01-20 09:01:40	Name: _pbjs_userid_consent_data Value: 3524755945110770
.pelotainvernal.com/	1970-01-20 17:04:04	Name: _pubcid Value: a4fd9409-7385-4760-9697-e2ed3902cad6
.yahoo.com/	1970-01-20 17:04:26	Name: A3 Value: d=AQABBJUzoWMCEC4kldcj_3LEHYV7CimYR0IFEgEBAQGFomOrYwAAAAAA_eMAAA&S=AQAAAktReDk0BbCw3b11DUXtPuQ
.bidswitch.net/	1970-01-20 17:04:04	Name: tuuid Value: 59581c88-802c-4288-8832-6135eb3e7eb9
.bidswitch.net/	1970-01-20 17:04:04	Name: c Value: 1671508885
.bidswitch.net/	1970-01-20 17:04:04	Name: tuuid_lu Value: 1671508885
.analytics.yahoo.com/	1970-01-20 17:04:04	Name: IDSYNC Value: 1982~28y4
.ads.stickyadstv.com/	1970-01-20 09:01:40	Name: UID Value: 3f8db5bbeba5994b18ec076cacf1b8d
.adnxs.com/	1970-01-20 10:28:04	Name: icu Value: ChkI-OeAARAKGAEgASgBMJbnhJ0GOAFAAUgBEJbnhJ0GGAA.
.adnxs.com/	1970-01-20 10:28:04	Name: uuid2 Value: 7790816589001376725
.rubiconproject.com/	1970-01-20 17:04:04	Name: khaos Value: LBVP8EQM-B-JQIW
.rubiconproject.com/	1970-01-20 17:04:04	Name: audit Value: 1\|hLZGFuTafB1/4vNuyZSTUvsKGGM1eolu5vVtDhgOVUPw0zLiRRUt4fyWWW/Ct9lmSkyj9x8eeR3thoi474+Tg2jYHTlS9mMvGIFatoJ0DXuyqVI1k5poNA==
.pelotainvernal.com/	1970-01-20 17:40:04	Name: cto_bidid Value: m8WsG19JRHVpQTdmQmFzJTJGU0VtdVNzSkVkNm5Oa2IlMkZsb010bUFQSHJhWE8yeTBsM25wM3RMeE45U05rdEo1M09ieWJYODlNWCUyRndWbVduaGIlMkZtajMwanNaaXhRJTNEJTNE
a.vidoomy.com/	1970-01-20 17:04:04	Name: SSCookie Value: 1
.doubleclick.net/	1970-01-20 08:18:32	Name: DSID Value: NO_DATA
.turn.com/	1970-01-20 12:37:40	Name: uid Value: 3492642402628328743
.quantserve.com/	1970-01-20 17:48:43	Name: mc Value: 63a13396-eb1e3-69113-9bd4c
sync.srv.stackadapt.com/	1970-01-20 17:04:04	Name: sa-user-id Value: s%3A0-986f803b-aa9a-4f9c-65c1-6cce97d3efb2.KqLLidFm%2BCELiud1bccU71DN17dMbR91DimH4dFrNdE
.srv.stackadapt.com/	1970-01-20 17:04:04	Name: sa-user-id-v2 Value: s%3AmG-AO6qaT5xlwWzOl9PvspJGdVQ.0Ud%2F49%2FFiInXoqJJDFas%2BXc%2BfmWCfAyeVNhHW%2BJSuAk
.pelotainvernal.com/	1970-01-20 17:42:57	Name: __qca Value: P0-506169051-1671508886524
.criteo.com/	1970-01-20 17:40:04	Name: uid Value: e584c787-b580-4be3-b258-c8aa73e1477a
.pelotainvernal.com/	1970-01-20 17:40:04	Name: cto_bundle Value: ZVg-lF9CbzM3UmRVVSUyQjlyVld6ZDdmcGhwVnliQnNsc0c5czN3bFQlMkZLdTF2eno0TXBvaXd2N1MzMWIxWGdQc1VDaHNIdXFFajhGRFdLanJXWmpyRmNlM0VHRlVla3BFZnlSbFFoMXFzQURISk5vMmF3dlpLNHRTMEpGN3NPempoRFVkJTJCWlI5WDFGWUV4ZU9SdDdkYXpqRlRlNGs5NTZmeWdrSkVwSGphS0h2SXhmaUUlM0Q
.spotxchange.com/	1970-01-20 17:04:04	Name: audience Value: fa942b72-801a-11ed-91e1-1891fad20006
.sportradarserving.com/	1970-01-20 17:04:04	Name: c Value: 1671508888
.sportradarserving.com/	1970-01-20 17:04:04	Name: zuuid_lu Value: 1671508888
.sportradarserving.com/	1970-01-20 17:04:04	Name: zuuid Value: 1da418b4-fac2-4ca4-904a-4a3ef5d65f83
.sportradarserving.com/	1970-01-20 17:04:04	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 17:04:04	Name: zuuid_k_lu Value: 1671508888
.sportradarserving.com/	1970-01-20 17:04:04	Name: pvc2 Value: LJXxoZjqe96fJWWTNoMEuxDGu3ZrZgxNRTYufgB1_FzOe3Cjz1RLE4ia6K7YR20VNhUpn6u7_qTA4AeOZevs5paiyIF_VME2Cul5zSQTYQmM4YY8uCFQLLNaK4W6lyvRRpNAHx2V_8puF26E2jWJFFx9P9caD7HAe7vM8Ssepc4pMe_SuatZamrd1ifFD3IE2jR1mOKD0pI2hawuSYOclB7ReZUSf62lhLypNk4BD0xlPL2vq1SZQ0mBMjWVvBn4NgsC5J371tzFTYLacINQRhboLy3khyzKbl5e77Kcr9RbiUUWbmPGXGNc_Yu_99hXTZm526iaU4pOGItJ_B9eAEFPjcZ1PqV9HfkABclKG0-y4wGh8lVQplh7-NJelAvXdZaTH8Wlp-aT08Cwt53Nrzs6qWnkY7LKoTZKuP0C2kaZXUsJ8kbMMKlko9HPdEf2gULUGlLHr8qhjw2BkLK4jL-EBeLvSUDYPrSAuAxiKrGR-qbEa0yIH2pC0BBpOe4XuBHw760QX-7zoWFz8YFIZGeW2GAaV46g60HqTIUOOD0PlV-2Fxr8zOC4OEFUfDAUT9CF0-BoNaxCYllsFvSkRT_XDEYdiuZQa0J8SyRx4nTr_W9gWMn0Zs7jd9QWJmniDfkcscHm_FyeYq-MGSUGPYBaQ7-oZk_wooHi_1X6ZRHsMKds_nGWoTZUFvJN1nr3Xo6SAXMgwHMi3vHZuitn9NHPY9nSbsOlEfU68ILboiefMXkh4wwZQ2r8OSjJ5LzCZb90ZnybOefxo0mkD7ucbU79xDTYqfgkL5oZM57oChGuNqIkIirjNM-eZS49va147pobocrvYa238ZrsD7EemZdWPnSCwlNbzbl0fnppg9VAMbOFKJAR_p72A8n9mUuFBIW-ygzoJFDOcBVMfFCDsfQJqeZdCObZt5beAUV9MOoACpTgom7_Wl9i7ip-fkv4LW_B-1X6qeScysctvypT11V_bR_zYQHMjJvMRbhCGZa3GH_SIIwa41-zm47B-fQrcfu7P5cbM9w6pmp_eL4,wpDdtMMOQMaGXp966_Ur-Q,W-1b_Rs3Kd9Jq-co8BGhuQ,fsr6kX8DdUwu7fjxIdvPng,W-1b_Rs3Kd9Jq-co8BGhuQ,4BeewznRjvBnmncVrK-qRg,W-1b_Rs3Kd9Jq-co8BGhuQ,QT0R5uxbDfSxs0vMGD-yfQ,W-1b_Rs3Kd9Jq-co8BGhuQ,g4v8TR_qG_6QuaWtgylxsw,W-1b_Rs3Kd9Jq-co8BGhuQ,W7btZ7I33ECzSuT8zxnC8A,W-1b_Rs3Kd9Jq-co8BGhuQ,_nav7hGzxes7_8xc_KRIJw,W-1b_Rs3Kd9Jq-co8BGhuQ,MxZ6zjkCOvMeCI3BiLt7Kw,W-1b_Rs3Kd9Jq-co8BGhuQ,iq3bM7W-GkJqIMvV40JkBg,W-1b_Rs3Kd9Jq-co8BGhuQ,GEuy5v2985BdyXYXEAxM3w,W-1b_Rs3Kd9Jq-co8BGhuQ
.1rx.io/	1970-01-20 17:04:04	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6e6a2204-7e1f-49dc-afd8-fea9eeebb89c-003%22%7D
.ads.stickyadstv.com/	1970-01-20 08:38:38	Name: uid-bp-30833 Value: 1
.targeting.unrulymedia.com/	1970-01-20 17:04:04	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6e6a2204-7e1f-49dc-afd8-fea9eeebb89c-003%22%7D
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 7169
.fwmrm.net/	1970-01-20 12:37:40	Name: _uid Value: "g089_7179076008933868593"
.ads.stickyadstv.com/	1970-01-20 09:44:52	Name: uid-bp-36033 Value: g089_7179076008933868593
.ads.stickyadstv.com/	1970-01-20 09:44:52	Name: MRM_UID Value: g089_7179076008933868593
.ads.stickyadstv.com/	1970-01-20 09:44:52	Name: uid-bp-159 Value: CAESEBR1u5jwlb_aowOhNaIdMqU
.casalemedia.com/	1970-01-20 17:04:04	Name: CMID Value: Y6EzmWpuyF-4i2MC825MHwAA
.casalemedia.com/	1970-01-20 10:28:04	Name: CMPS Value: 1214
.casalemedia.com/	1970-01-20 10:28:04	Name: CMPRO Value: 1214
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrK0MDAxMTM0MxXiM9TNCnYxqsq0LE4zcs0FANfN4DMlAAAA
.rfihub.com/	1970-01-20 17:40:04	Name: eud Value: H4sIAAAAAAAA__vFyGtoZm5oamBhYWFpam4KAOWroVgQAAAA
.rfihub.com/	1970-01-20 17:40:04	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrK0MDAxMTM0MxXiM9TNCnYxqsq0LE4zcs0FANfN4DMlAAAA
.casalemedia.com/	1970-01-20 10:28:04	Name: CMTS Value: 3359
.csync.loopme.me/	1970-01-20 10:28:04	Name: viewer_token Value: b338571a-ef83-4df4-90bd-96fbd03e6414

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.vidoomy.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
ap.lijit.com
c.4dex.io
cdn-conectate.kiskoo.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.stickyadstv.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
creatives.sportradarserving.com
cs.lkqd.net
cs.media.net
csync.loopme.me
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
ecdn.firstimpression.io
eu.sportradarserving.com
f4d0651d6897861801138bc81c34007f.safeframe.googlesyndication.com
fastlane.rubiconproject.com
flower-ads.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pelotainvernal.com
pixel.quantserve.com
prebid.media.net
rules.quantcount.com
s.amazon-adsystem.com
s.seedtag.com
s3.amazonaws.com
script.4dex.io
search.spotxchange.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.lkqd.net
t.seedtag.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
v.lkqd.net
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ads.stickyadstv.com
cs.lkqd.net
t.lkqd.net
v.lkqd.net
104.18.135.145
104.18.33.19
13.225.78.76
142.250.185.230
142.250.186.66
146.20.128.148
146.20.128.166
146.20.132.128
151.139.128.10
154.57.158.49
162.19.138.82
172.64.154.237
178.250.2.146
18.156.0.31
18.158.209.170
18.184.207.116
185.80.39.216
185.89.211.84
185.94.180.124
193.0.160.128
2.18.234.190
2.18.235.93
2001:4de0:ac18::1:a:2a
2001:4de0:ac19::1:b:2a
2001:678:cb4:bbbb::11
213.19.147.44
2600:1f18:612b:4264:f0dc:d918:bf86:3244
2600:9000:20eb:a800:6:44e3:f8c0:93a1
2602:803:c004:200::140
2606:4700:10::ac43:266a
2606:4700:20::681a:179
2606:4700:20::681a:8a9
2606:4700:3032::6815:6097
2606:4700::6810:5914
2606:4700::6811:180e
2606:4700::6812:372
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9a
2a02:2638:1::13
2a02:2638::3
2a02:26f0:3500:14::1724:a251
3.19.54.139
3.33.220.150
3.64.108.88
34.107.148.139
34.149.50.64
35.214.223.115
35.241.34.106
51.75.86.98
52.46.151.131
54.208.89.30
54.231.228.184
54.85.151.23
72.251.249.9
76.223.111.18
95.101.27.149
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
008be15ff7db879ddccb3bf415d1143924af4eca6d1dd5250726ac423624f9d5
07ffc662409960f68206a28af3e399cd8ac775c7f247c8c28971b50b89b407f2
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09778ab5d08d1983b0ba1d423603b1b0f2214947ed465534dcc9ac047bf929ba
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
09e7ababe64e1aae2cb723c830dc029304928d7981db9029848f30db0c8e4895
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf65be9da1a437a26e253627ab0f2f09609df931eb9164800a45b0f5da7dbcd
0d5092023a806a644ff0f65c88d82aeb4b3effc1731c578cfd8f50d564e4c59c
14fa937604e0fd3f7f1f8fa5daa5ab7e25052e1b1b826688b0109fac4251bf6f
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19737707017ce7f188707e1e6fbae40088945cb235a8c37971b507b97d771a4b
1dff7355229e2b2fc0ee6946c28093af61f565e7426d63e9f21b3ca4e5e46413
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e894e7cf7187c224f386656a508446013f4cd6edea742f5241ce57258db06c6
1ea739c0b4ea9aa05b08122125469de6a4b6a43080a1e5c1b15ed2cd9a61cde9
1f364f30b25ec8ff7b9d9769406d196d9a4599151dc54202c81fbf2aa2259394
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
22422988179a455145a92ca06fe5a5250089a0d9c8fd6931ffbe07c13b369d62
277a735a69daa581268854820e7cfbaa5b73179d007e0e49aa41f3cb76af70d2
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2df18e778c12b663732747ea4aff7351a59f592ad30ab3b19156dc8f89984037
2f0e4e7388ba32cd0f4b6e29bccd3fedebe7aba679d9a1083c06270dbce31201
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5
336182f1759d9bbb94d405eae118f13a00b5562e4253c9151d0f91e69801a4b1
34fd432b7a129fd6d9599b585bcfc8cde51d7cfd47ad4f906f0b36ac359a562a
3521616fbd1415fd86988bfc9773f6044497f54354e0b924f7db878f91c1af83
3620d28357207cd4b8092fe728bed5a606c78c07d4043ed225b7c3e8e58fa731
36c2343f3359688c9948184e631420db683b3d1a105206fcf76f1354c106425e
3aa5cdd18374b285ddc76c94ee1735df8b3e518cb7202fa7feec77a3b13437a3
3ac3a28bb64c45de399eab54bdabd6a8d24cf69b645c177cd13eb9d4c9890886
3bea18ec7510e834e69c41e3d825aa26802f3e2c3987855fb0d744dfe5eefdb0
3cb9c5344328c276197498d83345b3172183680f060a46aa8356547a469083ee
3daff18c183cfe75c2d9d476adde86e4de521d60dfb4192a00640e0b2f1c6568
40b107e68e62d14c40937f2eecee8427122e790af600cc95c07e4de011c267eb
43ed01782a52f74351b31f996f02f0761540c3af7cdbd0693891a3e5abcfa3c1
455d232ae6054856f28cb23b34ba060fd65341cf21dd7a5c9dfa93722752a2c1
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47f719c1691461a5d778135c0512d51c87f8eea39be7ddad829830925902674b
47fd150ffd86b74ef6866294193c62a3c159b0d14cd237e32a9d0f64b4a551bf
48b4c71365efa44df7c705f5ca9229a5f0028a5a6eef612eebedb9c66cfba6f0
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf46d6562ebb16a2d57abc90d66c4a4f9bbf9d19ad401fcffee2627eb77ad70
4ffe1619d0cddcd71c73eb41dcf1bf9219646f36b90667b3746c8a6771375fc6
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24
52084175f1ddbd7e4168245880f4dd0c69cedbcac6096306ecae4e56181ad545
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d441dd6f2ae4acc218f9a0a83f1cb6f51f3f6ff2f6a7910a426f9253a4c58d2
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
6140ffb16b9b8b596e53f5c2f20d627f44669d2bc0c623bd24b539671941d67b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6427a000d32e63e1a3f495244e4a1e54a0aee4da070302c7a2077dab92338c26
647131415201ca0045ff7838f0473a3f937ca5339e84b274975274f1516fe233
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
6861490ff123153e9cc582abc56ae5ad400add339d07b36b508ba49b59253198
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da26eb5365137524cbccd79c3477776da39c6b410cebaca4e83bdce87555893
74df90f5f0e27dd5df2470215692754169878aa5443c25a3515e1768e3db03b1
77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7c8bff5c80409adfdc10df0bead21c943f740f0011914237519571c7815fb94f
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
7f3f2148646b7fd2c8c2c3d1b64dc830f0d0a3716dfcf621b69bb555067fff47
84c7167870d0b7e83e1ccf86c546e98a636bf84ad358450eff86d5be861499f0
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87ec184cd9b3cfb5ccbf631c766fc0d6b01d8811184a5f6f49f2ec528429dad4
8a022c6c938afeb0e5dd36986c3cf48f45826427691cb4e1e87f6c44e07a4196
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef3afc49900acf681bc8da9379c406481c119b94ad0aca2ed9f8cbe5e5ef764
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9594d1f291ed60de3c7e557f39a215574fa481c65da262820513905f02c9ac00
95d29331c4b50e5830ad88d24ac216e62219369f21be660bed60fe46997a7aeb
9aaea47183f288f02277ccbbaa54601ed44d52588c875f5f8784ce79d74877be
9c7bec7acf81e49f597be6e31f11fdc45bbadd366c8bb0f6758f44b1173e3854
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9debb385ae6bed6143b5e0725781a1f8e3bcfc7cc095512b8cae51497b11810d
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a60b2b58d7356ab2c464b18de5fc1614f0c78c9068db9e897ff100da36725160
a67612c801d54b2817687d2155b63f849b671d96ffd423cb77b36b0b66fa2192
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
aa0ce63b2a5087913c6397603b996268423609e29101ec56d71daa78a1f32cce
ab64b6f4d68180cdaed46eaf515f32559a420a0fb222a2f5ffb724951dfcdbce
ab9b6f9bb57199e4cab44d2c9ff5775b8e726252bdb8e74cdf2ea39e338d3bc6
ae4a5ec274db055275c64c8c89e892fa91952d2ee8b589521ed1f5525659aaef
af9474e5a7a9093351569e5cb64b9b34596d02e5cd1ede8ead7acf41740f76cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b38aef623e939c576da3804ae119f4f93825ae81dbb1bc57bc54a6b027eabba2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873
b59274b06fc793177aedbfa4b52d6d2571528266198414ae2b1795d7d87bff48
bac0705d11ffc896d765dc3507e2ad3abb961795b05bb857039ca92f649a0745
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd1eb27ef618c453a405e4e3940704a552c52ddb46644a334371c74a9e5c104f
bd558b6b0fa8256504d6f1796203c55c540013d7d4021f79241476f3ac49dac1
bdbbb447bf69f791cb6717a186852f2b9661ca900a74d8235d37ef9ed65ac0dd
be37b239164bd86d3c3ace508689f54cf7b28cb38b4b29e7335dc4769ca357b6
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c1cd39a2844d8032262c534ac0b3c183201495f8c9af2d47693fb39b00916db1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c356202a29d9bc9718f3d2f660f9d77e36091207ca6a354d21cd7ef444b6e893
c422479553afe51836b804de5f8e16d7cfaa9fafead477c0fed10b0dbc18b4a9
c54527742912dc24ffdbc35d926d8d76f016b8258e9ebb94dfb50a729d6901df
cd257ced5860b54b3c71dd2e1c9704a552f0c2be8e63ef42cdf47e05293da1bb
ced0cfc4c3efb712101402f63a86332a8ea43f31f6045905c18889253855bb11
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d136a971dd9f41943b042636988e8b6c23dcea5fc7d18a906c4af22a59039f7a
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d74835ebc144bb92d18a970ca79cae0840c356a5967bb1d1d9428c32c183cdb1
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d8815748166bc70f7148af827bb91ba0f10660cf6860b9dc22bb72cd3ebb628e
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9aaf26488aae1cc952285c7f41b85a67066f174171e153afd2d16e7b192600b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddcdd586cbbbd28c5b4a2c9b9ced92f17f7738885bccb0a9554f2cad4ff7331f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb2ddf215c90be42d31a0ee0cbe50d949ae180eb1aeb6e12ac93090fa239e39a
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee735ad9351455e1417cd144ed24de18f6311c98a1284b55cd59fd0d25489d22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f1d89752c3718abde5ab137c8702a7bffb5564f2f0e1297fa90237a2810f4535
f3c77fc8af80c9091265ce11fb591cfdcfd300d248c3ee73366907881bbb1877
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
f4c5149e19fa408da4762aa82ec423da78d03b2fbff0f8aaae390f32ef3649f2
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b90536b31ee183cfdc77524348e9d7a271b6b71a0f084012d79f78f8a5228a
f7b7ee0af546a29f6086ef0111d8bbff04ca8f3ae839cdf428cd0cc40c009b63
fe8a6570027e23af6d729e24846f6602c7acc23543a11379cb440a6c8f0e7391

pelotainvernal.com Open in urlscan Pro 54.208.89.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

369 Requests

84 %HTTPS

46 %IPv6

50 Domains

74 Subdomains

63 IPs

8 Countries

3324 kBTransfer

9253 kBSize

54 Cookies

3 Outgoing links

Redirected requests

369 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pelotainvernal.com Open in urlscan Pro
54.208.89.30 Public Scan

Screenshot
Live screenshot

Full Image

369
Requests

84 %
HTTPS

46 %
IPv6

50
Domains

74
Subdomains

63
IPs

8
Countries

3324 kB
Transfer

9253 kB
Size

54
Cookies

369 HTTP transactions
12 data transactions