victorraulrr.info Open in urlscan Pro
50.31.188.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://victorraulrr.info/descargandoapp/full?api=09246a919fa6944f4720e2b4031ccc9948636ab4&url=aHR0cHM6Ly93d3cubWVkaWFmaXJ...
Effective URL:
https://victorraulrr.info/descargandoapp/7rCE0m
Submission: On June 20 via manual (June 20th 2023, 8:03:55 pm UTC) from CL — Scanned from DE

Summary HTTP 190 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 54 IPs in 7 countries across 35 domains to perform 190 HTTP transactions. The main IP is 50.31.188.60, located in Chicago, United States and belongs to SERVERCENTRAL, US. The main domain is victorraulrr.info.
TLS certificate: Issued by R3 on May 27th 2023. Valid for: 3 months.

This is the only time victorraulrr.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	50.31.188.60 50.31.188.60	23352 (SERVERCEN...) (SERVERCENTRAL)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	18.155.129.39 18.155.129.39	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.35.34 104.18.35.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:5e00:a:e047:753:be1	() ()
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.155.201.15 54.155.201.15	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
12	2.19.245.134 2.19.245.134	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.213.170.21 23.213.170.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
6	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	2600:9000:205... 2600:9000:2057:7a00:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd06:e361:a2ce:b047:17c	14618 (AMAZON-AES) (AMAZON-AES)
3 4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:402... 2a00:1450:402a:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:2::9	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
2	64.202.112.127 64.202.112.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
190	54

9 50.31.188.60 (Chicago, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: single-2040.banahosting.com

victorraulrr.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ad.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-39.cdg52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:5e00:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.201.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-201-15.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.19.245.134 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-245-134.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.170.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-170-21.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplify-imp.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1-nydc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:7a00:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:402a:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:2::9 (Ireland)

ASN15169 (GOOGLE, US)

rr4---sn-5hnekn7k.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.127 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

widgetmonitor.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1t-nydc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155	603 KB
30	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359	349 KB
16	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1354 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3556 odb.outbrain.com — Cisco Umbrella Rank: 3245 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5720 amplify-imp.outbrain.com — Cisco Umbrella Rank: 4406 widgetmonitor.outbrain.com — Cisco Umbrella Rank: 9986	106 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	359 KB
9	victorraulrr.info 1 redirects victorraulrr.info	198 KB
7	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 107	2 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1007 e.clarity.ms — Cisco Umbrella Rank: 22708 c.clarity.ms — Cisco Umbrella Rank: 1573	27 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	361 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	2 MB
5	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 9654 log.outbrainimg.com — Cisco Umbrella Rank: 2513 zem.outbrainimg.com — Cisco Umbrella Rank: 2398	12 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 1832	21 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 249	3 KB
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 9308 flint.defybrick.com — Cisco Umbrella Rank: 8374	20 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1383 google-bidout-d.openx.net — Cisco Umbrella Rank: 1387	683 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	210 KB
2	zemanta.com b1-nydc1.zemanta.com — Cisco Umbrella Rank: 4657 b1t-nydc1.zemanta.com — Cisco Umbrella Rank: 4054	254 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	335 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 839 id5-sync.com — Cisco Umbrella Rank: 434	22 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952	12 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 246	739 B
1	googlevideo.com rr4---sn-5hnekn7k.googlevideo.com — Cisco Umbrella Rank: 60482	2 MB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1637	7 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	608 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1553	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 3582	4 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	878 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4835	408 B
1	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1996	904 B
1	ad.plus ad.plus — Cisco Umbrella Rank: 58985	970 B
190	35

	Domain	Requested by
28	tpc.googlesyndication.com	2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com googleads.g.doubleclick.net victorraulrr.info tpc.googlesyndication.com securepubads.g.doubleclick.net
26	pagead2.googlesyndication.com	victorraulrr.info pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com securepubads.g.doubleclick.net
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net victorraulrr.info
11	widgets.outbrain.com	2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com victorraulrr.info widgets.outbrain.com
9	www.gstatic.com	www.recaptcha.net googleads.g.doubleclick.net
9	victorraulrr.info	1 redirects victorraulrr.info
7	www.googletagservices.com	victorraulrr.info 2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	s0.2mdn.net	victorraulrr.info s0.2mdn.net googleads.g.doubleclick.net
5	www.google.com	3 redirects victorraulrr.info tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	victorraulrr.info googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	log.outbrainimg.com	widgets.outbrain.com
3	e.clarity.ms	www.clarity.ms
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com victorraulrr.info
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	victorraulrr.info www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	googleads4.g.doubleclick.net	victorraulrr.info
2	csi.gstatic.com	www.gstatic.com
2	flint.defybrick.com	rock.defybrick.com victorraulrr.info
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects victorraulrr.info
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.clarity.ms	victorraulrr.info www.clarity.ms
1	b1t-nydc1.zemanta.com	widgets.outbrain.com
1	c.bing.com	1 redirects
1	widgetmonitor.outbrain.com	widgets.outbrain.com
1	rr4---sn-5hnekn7k.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	b1-nydc1.zemanta.com	widgets.outbrain.com
1	amplify-imp.outbrain.com	widgets.outbrain.com
1	rock.defybrick.com	widgets.outbrain.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	zem.outbrainimg.com	victorraulrr.info
1	odb.outbrain.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	victorraulrr.info
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	www.google.de	victorraulrr.info
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.recaptcha.net	victorraulrr.info
1	ad.plus	victorraulrr.info
190	60

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com

Subject Issuer	Validity	Valid
victorraulrr.info R3	`2023-05-27` - `2023-08-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
ad.plus E1	`2023-05-06` - `2023-08-04`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
rock.defybrick.com Amazon RSA 2048 M01	`2023-04-09` - `2024-05-08`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-06`	a year	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2023-06-15` - `2023-09-13`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-06-06` - `2023-08-15`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://victorraulrr.info/descargandoapp/7rCE0m
Frame ID: A10A0DA3782665A9F3EBF8416F731173
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/zrt_lookup.html
Frame ID: 7416B4FAC825D3880A239180FF692BB3
Requests: 1 HTTP requests in this frame

Frame: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2BA6B51E79556016F7E9362E2A191F6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&adk=1812271804&adf=3025194257&lmt=1687291429&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428847&bpp=6&bdt=615&idt=317&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8644567734621&frm=20&pv=2&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=339
Frame ID: D13D4875F4F8D4619DB3DDD243AA20BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&h=280&slotname=5790268525&adk=594043572&adf=2364240886&pi=t.ma~as.5790268525&w=728&fwrn=4&fwrnh=100&lmt=1687291429&rafmt=1&format=728x280&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428853&bpp=2&bdt=621&idt=345&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8644567734621&frm=20&pv=1&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YW7xioQmme&p=https%3A//victorraulrr.info&dtd=350
Frame ID: C76CAADC2EA98614787CD5A61E8319A9
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&h=280&slotname=7413782241&adk=269421795&adf=342060399&pi=t.ma~as.7413782241&w=336&fwrn=4&fwrnh=100&lmt=1687291429&rafmt=1&format=336x280&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428855&bpp=1&bdt=623&idt=361&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8644567734621&frm=20&pv=1&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SAkXG1JL2q&p=https%3A//victorraulrr.info&dtd=364
Frame ID: 95E2E707FA66CA64FD28E68CCBDED32A
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=victorraulrr.info
Frame ID: 6C263A8FA01593568A91A2F1006863AA
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: CB1C13B47131B5A4CC42D87234008398
Requests: 1 HTTP requests in this frame

Frame: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F8C1408F26D489F9157785C9F459F510
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 89302CD0585E92E649BC5D6884518495
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 47117B2EEA4ED42609FAF847E221E470
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Frame ID: AEF2D2DBB390309D9F049FCE1A5E36DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Frame ID: 3D2A56F57BCC075CC33A41445902BF1F
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 7352E3B460578E583B578C893A168C45
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 62FC69483D0BC86F3724FC093EDAC174
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: 782C5CBF60FFE3E333EDB10FA97794C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Frame ID: 410F1B9288B8AE670652383A16928F34
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Frame ID: E0A1B086F44A440DC411EA1FF3113BD1
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Frame ID: E3C0C4644912F5433E73A39A6EB9E247
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2E1E0CCAA977AAB875274F65A1D5576E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMY-MKv6QEwAQ&v=APEucNUlNTP4sPIEQq0lTurn5zWnfAE7tzzwymmFzdjefRnjSnb5-TEjz_aAtLE2pSIdNbFs9nXaOWh_HkWLDRAg4K9HdcNiL0udj_fGZqyYn8k9ABI55v8Pmp3yLmF1VYQk4npZGjqjIuX-1toD9PqdJ8LqWcXEF1hbCR7ce3BZoY35od4NXHc
Frame ID: 8CA2F2B0B372A8D20488DB479C55E43C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: D1B45720BA4603FDF07C4B0D9B0E5D4F
Requests: 18 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/47a9bcead4760fc70edbade504912d92.js?tag=client_fast_engine_2019
Frame ID: F41B11716C0F6EDD3C8E3C47D75B6C66
Requests: 13 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V-RTIeKNWXBLszONrIHjS8h0F6JGBX_m2bLem2vbDRWPOYHfo7uz-G46_p-p5rKG1gMqYnO_VMU-UBnfg4YApy3WwlxH3n72tdnHRX2NX2GRvJRIV-wca9jEv7T7keU5yEV4YzwVT6HOStbJM68GLQP4BTHztrj78qDtq25-4rnqFdcLjSy1GPq14NxKQtcHpiSCAiowaqCKNqCXREF0el-JHejDILGa5V_5jWwqGvZtTgwXKo-ZQgTlHwO4DuZU0aEf_-kWmom2gKyYCweMr_FxlFTit84dqjClRavzCHJK370gy-kLEWKT_FdW9q55U8vJUxQ8GnRGG5LxWcQ8oP2Vwr1yxflm4hN8Yczp9clIlY1v7CipEVHe3qfskqx3VgyClaZxTK6HF7Zrwg0BnCoIiLV4b-BmSY9luV0w4wz7rsXhia_wMFwvnUEjskYdZN_yKewAh3Q7lvMvLjhYXlzVsN9eP6Rj8emK95Jkq0VMugGYE08Oz8IHawAkGM232YMcPjO6Hv5fLk656mIbFfPbiHng3iIsbSc6hNPsdq6at7u-hz95PAO6yS1WeuqCsjCCoSJOCtuRy5nrMS1U4OtMnoa3hkLcMnPQVZTbKR7mgro5wCIW4X27A8_tvXuACCkTx3q25r6gbcVIjw7NXN1sp01W3CfiAcMwwSBWTP9TPOa0_TdAOCuzKTwrSlZ-_ygwvR4nICdg4vUqjH6NL8eYYHk35cAL0Wob4cTEMR4ivB0aHPVS1ByBv9-_9VoTpi2R63msaHlNBD4epLSTLRYp5n3xfLDsa_iIpSnVRTMmS_7-r47vaXc7xlWxBw8lXPQbfee1Oe1Q-vwlERIZgcgtnMtKSiKz_NlkYK8IcWJHTmiCNgTlfm1mJ4zU531ypiHpq5Md9-HmL7pOCc_IVuHgqMyReS-PpMONyE7Ry7hQZKQkF9SFyshnW8N8YkyCOyq8nmmBCaTJRh3_Mfkn_klOyCYCN096G7Yw9LzIxos4QzLFLFqCpb9DVh_TDfOgdMh4M5Vt3tn_fvGFdNACLeCA0lfWJwSRGSKQg-wsDJpTiKm5Dlv4a9bIVkVCgo6JCvLObsl8WPIufkwFJBuc994XoJLM5XS5UpWU7HGEyDJipJGX04NR93YuiTsO8EQIj0NCZY5Gkv-T6-4r8ZpRom1dbVHm2XRj8i0y89XNXjk2X4-mD_WWvHRSFKpQbqvsO5sWUfF_4nbcLcChlpr-B6kPikE-iapSrh67eqCzL8Fr15V8AhRvuQvZRLKfOHkjdDL8xW8oMVchY5aII_9I1aZp7O0E9EVC8Hg77sOTU22rbd4erXSBw2i4YzhM80DLsDXnwJBOFOBAoPE9In_rKYG1cVGfDYMmF-3cHxbqPoZ4SVLU-M7Fx4FSNylLQbKFoYBto83HllJsehMZa3PtfYLT99D-XfCDBuQe_zDwNp8HJIEoVKjP9Rjo6nTkuiSyMpMMT2r7hMStZ7IJlLp4QC1pwowNtD2OglC9S2IDifeKVwM_-AhvjZKE7ZgQNXAujQ%26c%3D2db3b474%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2F2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com%2F
Frame ID: D451DC6E7FC7AD6C9E66F63A59E444BB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Frame ID: 0C7AF3A6FCFBC97EB5833BFCAF6FDAFA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 36F8B5F8C79922E6B085D9D9530E28C6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250
Frame ID: 457019C2CB0A54363E6D685E4E3851DB
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Frame ID: 1898C5D5EFA04BDA8B592D1E8FBCA96F
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 370F946061E4DA0131854687C8862490
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3DC469A07DF31756440AA0F7B24C5194
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11E575238867571728432BA8D749242B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ᗒ VictorRaulRR Apps

Page URL History Show full URLs

https://victorraulrr.info/descargandoapp/full?api=09246a919fa6944f4720e2b4031ccc9948636ab4&url=aHR0cHM... HTTP 301
https://victorraulrr.info/descargandoapp/7rCE0m Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

190
Requests

96 %
HTTPS

59 %
IPv6

35
Domains

60
Subdomains

54
IPs

7
Countries

7025 kB
Transfer

11302 kB
Size

31
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/victorraulrr

Search URL Search Domain Scan URL

URL: https://twitter.com/victorraulrr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://victorraulrr.info/descargandoapp/full?api=09246a919fa6944f4720e2b4031ccc9948636ab4&url=aHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL253MG9nNWdkbGdoMTFzMC9XaGF0c0FwcCtQbHVzK3YxNy40MCtAVmljdG9yUmF1bFJSLmFway9maWxl&type=2 HTTP 301
https://victorraulrr.info/descargandoapp/7rCE0m Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://oajs.openx.net/esp?url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&rid=esp&cc=1

Request Chain 53

https://gum.criteo.com/sid/json?origin=publishertagids&domain=victorraulrr.info&sn=ChromeSyncframe&so=0&topUrl=victorraulrr.info&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=olzCDHxvMEZRNEhDQUNvSURIT0M1UnZvV1pNVFdGR213UWVnenlqb0o3WFBORjc4ZEpCMy90QVFST0dpdGgxVGJ6TW9UdGk4RUNnc2kwYU5QcE1zWitPRy9HdWdxZ20rUUJCQ2pHRUFYSWgxTmlkajJJcXpNVWxOVFBEVHA3dVR0Z053RGdiVEIxRk9rTG0xREE4K3QzakRrT2NUeUduM0trblpJeFl4aUhkbXJ2RTVEeG82N2J4WFZ3RHN4dWM5aGd6NHhoN1lBNHU2aFFMSDFJNjU0NjllTmVWc211YUQxV3VjTjFkWGd2Vmk4clZnZWJ6WjNKc05CMVhXdTdGejNRdENtaDV5aUJ2K2FjSEpmMUVyWDQ4M3h6SjlNSCtmcGN3RXdvU2VJV2tpVCtnUT18&cppv=2

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 140

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB44rDCHAlgOUqgO2CrVrNQ&google_cver=1

Request Chain 142

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJIGJ7OdKbF80cpq64VLHAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB44rDCHAlgOUqgO2CrVrNQ&google_cver=1

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHHypYpRzW4q-iaIp8vwm5Y&google_cver=1

Request Chain 144

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxNjA1OTUzMTEwMDkwMTI5Mw%3D%3D

Request Chain 173

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E7C56ACCB52C426682A5BF349DC5F2BB&RedC=c.clarity.ms&MXFR=0403B92BDA6162C62DF7AA1DDE616C00 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7C56ACCB52C426682A5BF349DC5F2BB&MUID=2411774069D463983F26647668D46259

190 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 7rCE0m Show response
victorraulrr.info/descargandoapp/
Redirect Chain

https://victorraulrr.info/descargandoapp/full?api=09246a919fa6944f4720e2b4031ccc9948636ab4&url=aHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL253MG9nNWdkbGdoMTFzMC9XaGF0c0FwcCtQbHVzK3YxNy40MCtAVmljdG9yUm...
https://victorraulrr.info/descargandoapp/7rCE0m

16 KB
6 KB

188ms
186ms

Document
text/html

50.31.188.60
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

50.31.188.60 Chicago, United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

single-2040.banahosting.com

Software

Resource Hash

382887862afe1422a4b15b0bc254b6f3ae8f2291ed7f31bf5c4e41df0c7a3a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Jun 2023 20:03:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding,User-Agent,Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Jun 2023 20:03:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://victorraulrr.info/descargandoapp/7rCE0m
pragma: no-cache
vary: Accept-Encoding,User-Agent,Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 142ms
49ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

465bedded883d1291a79639e9537e2c41367e65ce7bcd9c009e8cbcd21a99920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Jun 2023 20:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:50:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jun 2023 20:03:48 GMT

GET
H2 200 styles.min.css
victorraulrr.info/descargandoapp/modern_theme/build/css/ 195 KB
32 KB 214ms
212ms Stylesheet
text/css 50.31.188.60
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://victorraulrr.info/descargandoapp/modern_theme/build/css/styles.min.css?ver=6.6.1

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

50.31.188.60 Chicago, United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

single-2040.banahosting.com

Software

Resource Hash

0b3646e0fa00be9c1cbb3a7dc1ad1d0348dbdbec5b6e023b012cf8e0d2927fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/descargandoapp/7rCE0m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 23 Mar 2023 05:16:56 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2592000,public
accept-ranges: bytes
content-length: 32999
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 20:03:47 GMT

GET
H2 200 custom.css
victorraulrr.info/descargandoapp/css/ 1 KB
476 B 216ms
215ms Stylesheet
text/css 50.31.188.60
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://victorraulrr.info/descargandoapp/css/custom.css

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

50.31.188.60 Chicago, United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

single-2040.banahosting.com

Software

Resource Hash

efa0a092b2d5f1b407d4a258a3f43167273783b28651768abf222928aba2b678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/descargandoapp/7rCE0m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 May 2023 22:27:50 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2592000,public
accept-ranges: bytes
content-length: 418
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 20:03:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
47 KB 208ms
88ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4254051274173543

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be2ddc1fd9d190bff56ba19055b007cffe86b2c1e3834aa92c0b0299774461ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Origin: https://victorraulrr.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47277
x-xss-protection: 0
server: cafe
etag: 994585785153334498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 123 KB
48 KB 138ms
52ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-150742105-1

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aba462719cafb4e5085a34956eee9a4ff4fa9b44044c69bfc3885c1daedfd087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48653
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Jun 2023 20:03:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 181ms
95ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5GHSG5YVH5

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad48890fd2e12f69b8f963c3d7e19cfdd461ae3fb2b70ce5916482e9cd7f11f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82820
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Jun 2023 20:03:48 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
26 KB 210ms
110ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa0d1f0eb637977c4b11deb4668d81099f031f1223abc9761e7c26c2da480c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26484
x-xss-protection: 0
server: cafe
etag: 415 / 19528 / m202306140101 / config-hash: 15645185001691524896
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:48 GMT

GET
H2 200 adplus-advertising.svg
ad.plus/ 735 B
970 B 48ms
13ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.plus/adplus-advertising.svg
Requested by: Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbdcd5032177710f51c04a98ab8d155e72b8ea23f0f86fc504408b7fbe735639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 20:49:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6459
etag: W/"2df-5a27d2a9698fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOjlAuC5D03T0pv7Oez1tcoI6kW9tOLnbajjlTum2xQ%2Bfx9L0Ds0OXgXY5FEAij5lHsuxENzIrftklSpAR7fAGd2gGEeassZEnqXkgvzwr%2BKyfj93MV%2BH7lTWyp%2BmOQ6LSXihV8r"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7da69e045b993648-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 VictorRaulRR-Apps-Logo.webp
victorraulrr.info/wp-content/uploads/2022/02/ 5 KB
6 KB 258ms
257ms Image
image/webp 50.31.188.60
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://victorraulrr.info/wp-content/uploads/2022/02/VictorRaulRR-Apps-Logo.webp
Requested by: Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 50.31.188.60 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: single-2040.banahosting.com
Software: /
Resource Hash: 5f27ef1b11dfa390ba5f7954370ea21aec89e8a2772f7b7d8e41b6eccc7df42a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/descargandoapp/7rCE0m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:47 GMT
last-modified: Sat, 05 Feb 2022 22:29:23 GMT
vary: User-Agent,Accept-Encoding
content-type: image/webp
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 5572
expires: Wed, 18 Oct 2023 20:03:47 GMT

GET
H3 200 ads.js Show response
victorraulrr.info/descargandoapp/js/ 191 B
517 B 107ms
106ms Script
application/javascript 50.31.188.60
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://victorraulrr.info/descargandoapp/js/ads.js?ver=6.6.1

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

50.31.188.60 Chicago, United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

single-2040.banahosting.com

Software

Resource Hash

347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/descargandoapp/7rCE0m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Mar 2023 05:16:56 GMT
vary: User-Agent,Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 191
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 20:03:47 GMT

GET
H3 200 script.min.js Show response
victorraulrr.info/descargandoapp/modern_theme/build/js/ 218 KB
61 KB 107ms
106ms Script
application/javascript 50.31.188.60
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://victorraulrr.info/descargandoapp/modern_theme/build/js/script.min.js?ver=6.6.1

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

50.31.188.60 Chicago, United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

single-2040.banahosting.com

Software

Resource Hash

21ee7f2ef72869019add72b96d7798bce20e6281b72fee271b7061a411e507e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/descargandoapp/7rCE0m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 23 Mar 2023 05:16:56 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000,public
accept-ranges: bytes
content-length: 62091
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 20:03:47 GMT

GET
H2 200 c7zmc9ir44 Show response
www.clarity.ms/tag/ 1015 B
1 KB 363ms
119ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/c7zmc9ir44
Requested by: Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4562d4b39602ab4423fc22ebced8e2256bc9845f9d95e89861975962a8c724a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: -1
date: Tue, 20 Jun 2023 20:03:48 GMT
x-azure-ref: 20230620T200348Z-n9vwxzz5w97vpbz25gvuphdqt400000001d000000000yvx1
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1015
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 footer.jpg
victorraulrr.info/descargandoapp/modern_theme/build/img/ 16 KB
16 KB 286ms
285ms Image
image/jpeg 50.31.188.60
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://victorraulrr.info/descargandoapp/modern_theme/build/img/footer.jpg

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/modern_theme/build/css/styles.min.css?ver=6.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

50.31.188.60 Chicago, United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

single-2040.banahosting.com

Software

Resource Hash

347aa49788b3f6f662f316981e24cd4db0581e72eb250382a966879e92a79432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/descargandoapp/modern_theme/build/css/styles.min.css?ver=6.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Mar 2023 05:16:56 GMT
vary: User-Agent,Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 16335
x-xss-protection: 1; mode=block
expires: Wed, 19 Jun 2024 20:03:47 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 165ms
81ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://victorraulrr.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:34:09 GMT
x-content-type-options: nosniff
age: 278979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 14:34:09 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 30 KB
31 KB 123ms
39ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://victorraulrr.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 19:34:33 GMT
x-content-type-options: nosniff
age: 260955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 19:34:33 GMT

GET
H3 200 fontawesome-webfont.woff2
victorraulrr.info/descargandoapp/modern_theme/build/fonts/ 75 KB
75 KB 167ms
167ms Font
font/woff2 50.31.188.60
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://victorraulrr.info/descargandoapp/modern_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/modern_theme/build/css/styles.min.css?ver=6.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

50.31.188.60 Chicago, United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

single-2040.banahosting.com

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://victorraulrr.info/descargandoapp/modern_theme/build/css/styles.min.css?ver=6.6.1
Origin: https://victorraulrr.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Mar 2023 05:16:56 GMT
vary: User-Agent,Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block
expires: Wed, 18 Oct 2023 20:03:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5GHSG5YVH5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150742105-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b56613af6f22b895be29ded556e4d3bd01b861f663793f2aa011339a8a4a3505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82794
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Jun 2023 20:03:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 131ms
38ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150742105-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Jun 2023 18:35:22 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5306
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 20 Jun 2023 20:35:22 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 49ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5GHSG5YVH5&gtm=45je36e0&_p=185643862&cid=271670831.1687291429&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687291428&sct=1&seg=0&dl=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&dt=%E1%97%92%20VictorRaulRR%20Apps&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5GHSG5YVH5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://victorraulrr.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/ 408 KB
127 KB 157ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 18:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5832
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129045
x-xss-protection: 0
server: cafe
etag: 16806126990728334555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 19 Jun 2024 18:26:36 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
1021 B 190ms
72ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=victorraulrr.info

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea1f9ddd30c9f7e1207622398f7718c412df39238c7ad67d4251e2a68bf4895f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 478
x-xss-protection: 0
expires: Tue, 20 Jun 2023 20:03:48 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
904 B 174ms
48ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/modern_theme/build/js/script.min.js?ver=6.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0621568cb4a28a5b5ddbe5b23e996cc1bfd2d79d0a98fabb9c030641bfacf319

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 584
x-xss-protection: 1; mode=block
expires: Tue, 20 Jun 2023 20:03:48 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 352 KB
118 KB 196ms
117ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4254051274173543&plah=victorraulrr.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4254051274173543

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca3d34356f3afc7cfaa2e1f841f41dedb6cbbf80c6fd537bc2db760f25589f51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120776
x-xss-protection: 0
server: cafe
etag: 7979914186407326837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/ Frame 7416 10 KB
5 KB 124ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4254051274173543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Jun 2023 21:47:11 GMT
etag: 15057649708203361565
expires: Mon, 03 Jul 2023 21:47:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
24 KB 19ms
19ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/c7zmc9ir44
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:48 GMT
content-encoding: br
last-modified: Mon, 19 Jun 2023 09:56:44 GMT
etag: W/"0x8DB70AB7D215D1F"
vary: Accept-Encoding
x-azure-ref: 20230620T200348Z-n9vwxzz5w97vpbz25gvuphdqt400000001d000000000yvxu
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3928accf-c01e-0014-3999-a266b4000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 45ms
45ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=185643862&t=pageview&_s=1&dl=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&ul=en-us&de=UTF-8&dt=%E1%97%92%20VictorRaulRR%20Apps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1063651729&gjid=138642862&cid=271670831.1687291429&tid=UA-150742105-1&_gid=1803096487.1687291429&_r=1&gtm=457e36e0&jsscut=1&z=800116953

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://victorraulrr.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://victorraulrr.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 39ms
38ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=185643862&t=event&ni=1&_s=2&dl=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&ul=en-us&de=UTF-8&dt=%E1%97%92%20VictorRaulRR%20Apps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=utm0lb&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=271670831.1687291429&tid=UA-150742105-1&_gid=1803096487.1687291429&gtm=457e36e0&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fc7zmc9ir44%2F1picnat%2Futm0lb&z=1570765345

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 04:11:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57110
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-150742105-1&cid=271670831.1687291429&jid=1063651729&gjid=138642862&_gid=1803096487.1687291429&_u=YADAAUAAAAAAACAAI~&z=1140732393

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://victorraulrr.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Jun 2023 20:03:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://victorraulrr.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ 419 KB
169 KB 128ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41f0f6e9abce97c5dc8366d88ba43460d877ef249ac1205e271220292f798b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Origin: https://victorraulrr.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 15:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172144
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 15:30:30 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 146ms
61ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-150742105-1&cid=271670831.1687291429&jid=1063651729&_u=YADAAUAAAAAAACAAI~&z=350490815

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 164ms
80ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-150742105-1&cid=271670831.1687291429&jid=1063651729&_u=YADAAUAAAAAAACAAI~&z=350490815

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
297 B 328ms
127ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://victorraulrr.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://victorraulrr.info
Date: Tue, 20 Jun 2023 20:03:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 132ms
48ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=victorraulrr.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 65ms
18ms Script
text/javascript 18.155.129.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-39.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 01:47:30 GMT
content-encoding: gzip
via: 1.1 2337aeab2297ca19027573938bc0ae66.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 65780
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: N85Hec-jAqH0mrT20cu8GE33BFss6sofCxeNfmhgSvvbaJiLZx8HtA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 58ms
14ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:37:41 GMT
via: 1.1 google
age: 1568
x-guploader-uploadid: ADPycdtBDp3fc9n9qUyNFvbvodkLEKfoibCS0OZ5vooHqikYwJ8R7P3xV2Lu2IK53upn5tLopKZXEgvBJt3e24qS5enK9g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Tue, 20 Jun 2023 20:37:41 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 271ms
7ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 20 Jun 2023 20:03:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 31447
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230122-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 79ms
30ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Jun 2023 20:03:49 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 12 KB
4 KB 61ms
18ms Script
application/javascript 104.18.35.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 16:15:13 GMT
server: cloudflare
age: 418
etag: W/"648b3911-2e4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7da69e082bee9150-FRA
expires: Wed, 21 Jun 2023 20:03:49 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 65ms
15ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 18:19:11 GMT
content-encoding: gzip
age: 1215878
x-guploader-uploadid: ADPycdsREtQxZxav4tOS9OvCciAPMqqeZa1pkTU5XzDBXQ37lv71VdUuYNvluiMQmEx1stug_2bRdYNakrJoFxp7qOoqrQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 05 Jun 2024 18:19:11 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 35ms
8ms Script
text/javascript 2600:9000:2250:5e00:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5e00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
Date: Tue, 20 Jun 2023 05:58:55 GMT
Via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 50695
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 4ZVJG8YGHoyXbsHMLgPgnzzZTkmaCmW8M00ZPfgr-3kMwAW_0KhWHg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 83 KB
21 KB 69ms
23ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c216860f82a201e909b917ff2eca53e9787b05ec1fe5a69a0d4b994d95781c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 20 Jun 2023 07:12:13 GMT
server: cloudflare
x-amz-request-id: 34KVSHXD4VQDPVPM
age: 2348
etag: W/"916c7961f99d2ada149bc1a94a1bf864"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7da69e086cbd9a35-FRA
x-amz-id-2: wWglYI6xxQIov4fUhA5DLCD0TLEvTDSr2gaeKkkTo5KOM+gm6FbkN4KT0vlDdxvan9jTUSPg+5RQ/nfpy0SMng==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 663ms
662ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3691596726563996&correlator=4314489235002532&eid=31075486%2C21065724%2C44769662&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fif&iu_parts=21849154601%3A22681331318%2CAd.Plus-Anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C960x90%7C750x100%7C950x90%7C468x60&ifi=4&adks=3561977089&didk=3917016210&sfv=1-0-40&prev_scp=site%3Dvictorraulrr.info&sc=1&cookie_enabled=1&abxe=1&dt=1687291429109&lmt=1687291429&dlt=1687291428232&idt=843&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=970&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7YGg040xSABSAghkEhsKDDMzYWNyb3NzLmNvbRjugaDTjTFIAFICCGQSGQoKcHViY2lkLm9yZxjtgaDTjTFIAFICCGQSFwoIcnRiaG91c2UY7YGg040xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGO6BoNONMUgAUgIIZBIUCgVvcGVueBjugaDTjTFIAFICCGQSGQoKdWlkYXBpLmNvbRjugaDTjTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO6BoNONMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc60e7b5081f984a54887164b4ec24886ac5d08e579724618cef83b69c6dce32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11907
x-xss-protection: 0
google-lineitem-id: 6133420976
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138407672210
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://victorraulrr.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2BA6 6 KB
3 KB 166ms
46ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:49 GMT
expires: Wed, 19 Jun 2024 20:03:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
608 B 143ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=victorraulrr.info&callback=_gfp_s_&client=ca-pub-4254051274173543

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4254051274173543&plah=victorraulrr.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6d5a4ec9bd8d2f5cd2acc332207d9f9e93e94bdc6e50cb47e35ce01c53a0565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D13D 362 KB
82 KB 1431ms
1430ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&adk=1812271804&adf=3025194257&lmt=1687291429&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428847&bpp=6&bdt=615&idt=317&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8644567734621&frm=20&pv=2&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=339

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57dd13dd26638e64ef851ae0843978a83988c818abb74f0ee1b8562f34c57cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 83427
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:50 GMT
expires: Tue, 20 Jun 2023 20:03:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C76C 85 KB
33 KB 949ms
949ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&h=280&slotname=5790268525&adk=594043572&adf=2364240886&pi=t.ma~as.5790268525&w=728&fwrn=4&fwrnh=100&lmt=1687291429&rafmt=1&format=728x280&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428853&bpp=2&bdt=621&idt=345&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8644567734621&frm=20&pv=1&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YW7xioQmme&p=https%3A//victorraulrr.info&dtd=350

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea0595e4cd9dcadd83378b16dae8a461d1dfce5dc105d483ff685b106198648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33468
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:50 GMT
expires: Tue, 20 Jun 2023 20:03:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 95E2 116 KB
39 KB 982ms
981ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&h=280&slotname=7413782241&adk=269421795&adf=342060399&pi=t.ma~as.7413782241&w=336&fwrn=4&fwrnh=100&lmt=1687291429&rafmt=1&format=336x280&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428855&bpp=1&bdt=623&idt=361&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8644567734621&frm=20&pv=1&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SAkXG1JL2q&p=https%3A//victorraulrr.info&dtd=364

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa6ef89bd4ae8ed43d1b4a61041d9f687943363cc08638491a319e463d936893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40108
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:50 GMT
expires: Tue, 20 Jun 2023 20:03:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 241 B
335 B 35ms
34ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 8e1ef89b3c033ab7d605b02d94b80fa7ffe9d4a3346ed46d1548bebba40eb858

Request headers

Referer: https://victorraulrr.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Jun 2023 20:03:49 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: a0ffd5d614f5b8e0c4c78663d9990e3f
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 68ms
27ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://victorraulrr.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://victorraulrr.info
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 20 Jun 2023 20:03:49 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 6f32ae4b79784bfe3abd492dcb6dedb0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&rid=esp&cc=1

85 B
203 B

171ms
169ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&rid=esp&cc=1
Requested by: Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 332b7916a31bf8fe29f642f556c7740fb0ca9dcddbed901b39539ead375e4b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:49 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-xUBhfgIYvujLYuUd0pORaA3P8lY"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://victorraulrr.info
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 20 Jun 2023 20:03:49 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://victorraulrr.info
location: /esp?url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6C26 15 KB
6 KB 45ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=victorraulrr.info

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 298521
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 105ms
29ms XHR
application/json 54.155.201.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.201.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-201-15.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d42d07bf57c5ab6db093274c06fe553fe94071b718a825d50a84d7a525c6dcbb

Request headers

Referer: https://victorraulrr.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:49 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://victorraulrr.info
cache-control: no-cache
x-server: 10.45.17.61
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
326 B 31ms
8ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://victorraulrr.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://victorraulrr.info
date: Tue, 20 Jun 2023 20:03:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6C26
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=victorraulrr.info&sn=ChromeSyncframe&so=0&topUrl=victorraulrr.info&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=olzCDHxvMEZRNEhDQUNvSURIT0M1UnZvV1pNVFdGR213UWVnenlqb0o3WFBORjc4ZEpCMy90QVFST0dpdGgxVGJ6TW9UdGk4RUNnc2kwYU5QcE1zWitPRy9HdWdxZ20rUUJCQ2pHRUFYSWgxTmlkajJJcXpNVWxOVFBEVH...

465 B
677 B

97ms
16ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=olzCDHxvMEZRNEhDQUNvSURIT0M1UnZvV1pNVFdGR213UWVnenlqb0o3WFBORjc4ZEpCMy90QVFST0dpdGgxVGJ6TW9UdGk4RUNnc2kwYU5QcE1zWitPRy9HdWdxZ20rUUJCQ2pHRUFYSWgxTmlkajJJcXpNVWxOVFBEVHA3dVR0Z053RGdiVEIxRk9rTG0xREE4K3QzakRrT2NUeUduM0trblpJeFl4aUhkbXJ2RTVEeG82N2J4WFZ3RHN4dWM5aGd6NHhoN1lBNHU2aFFMSDFJNjU0NjllTmVWc211YUQxV3VjTjFkWGd2Vmk4clZnZWJ6WjNKc05CMVhXdTdGejNRdENtaDV5aUJ2K2FjSEpmMUVyWDQ4M3h6SjlNSCtmcGN3RXdvU2VJV2tpVCtnUT18&cppv=2

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0ac569705152b86523abac49402f4352d3eb1b181808a8933dabfb9a83a8ecca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1254771
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=olzCDHxvMEZRNEhDQUNvSURIT0M1UnZvV1pNVFdGR213UWVnenlqb0o3WFBORjc4ZEpCMy90QVFST0dpdGgxVGJ6TW9UdGk4RUNnc2kwYU5QcE1zWitPRy9HdWdxZ20rUUJCQ2pHRUFYSWgxTmlkajJJcXpNVWxOVFBEVHA3dVR0Z053RGdiVEIxRk9rTG0xREE4K3QzakRrT2NUeUduM0trblpJeFl4aUhkbXJ2RTVEeG82N2J4WFZ3RHN4dWM5aGd6NHhoN1lBNHU2aFFMSDFJNjU0NjllTmVWc211YUQxV3VjTjFkWGd2Vmk4clZnZWJ6WjNKc05CMVhXdTdGejNRdENtaDV5aUJ2K2FjSEpmMUVyWDQ4M3h6SjlNSCtmcGN3RXdvU2VJV2tpVCtnUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 277091
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame CB1C 0
167 B 75ms
30ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 20 Jun 2023 20:03:49 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 container.html Show response
2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8C1 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:49 GMT
expires: Wed, 19 Jun 2024 20:03:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F8C1 24 KB
7 KB 163ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com
URL: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:46:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Jun 2024 23:46:16 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame F8C1 228 KB
82 KB 53ms
10ms Script
application/x-javascript 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: 2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com
URL: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: edfbc4e4b4c3f24c6223a6a91f90a850b15fae62c963b9e4fa95a4a7e87db235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:49 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 06:51:33 GMT
etag: "17-iT4D9Sii9YIFc0Zp3ZZC/1eX5UQ"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: 11f280cedef8455db922623ec8458149
timing-allow-origin: *, *
content-length: 83996
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8C1 178 KB
56 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com
URL: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F8C1 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs7wDwJwOxAeMKWXtknpXJcRgcL7MRhoLnr-BWknLe6AwY01hc9jL79OR042e9T0BDPhENYsdkyIsf0WcA07hx6NJ7SJeBryp12gfM9alReuWTVcY0gOxyqSAE1d_PRV3mE-qpA4PVF3dBqiI5BpbeDoLuJeVlba0TtXXpxbRaZW_5V0U_wWpHhcLuNN7LBmJKGE-leZxQHiOc51RO8fbI0v_UhVTyKiCRXX3t6EAmsMAqrDFktHEf03zrKnpKiOX8CvFjB6rkGikmLfmo4AnEdpzRiznqUnPG9kOaCP4T4Hjeq_908fcIUVuB7TKtmq5thPpCmvIISZ6JgyORNA&sai=AMfl-YTK5kcL5beMPRC00Kw-KQ1XLtq5P9-huUwq9UG9qvlid5EiG1KplPRixhux22Z43hbF3kocn4xEcSzUMqvKxgXTOgCQK9JzYnxot_uMj97xtaAIoa5oIlZ-vBeKPIJplhZHjPhFJ4wj8-fWN2Xb&sig=Cg0ArKJSzP-dTzFmGZIkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com
URL: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Jun 2023 20:03:50 GMT

GET
H/1.1 200
OK MmJkZWFlZjY1NDcyNmY2ZjAzZjljOWQ1MzliNGYzZWQuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame F8C1 16 B
464 B 540ms
486ms XHR
application/json 23.213.170.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/MmJkZWFlZjY1NDcyNmY2ZjAzZjljOWQ1MzliNGYzZWQuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.170.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-170-21.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Tue, 20 Jun 2023 20:03:50 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: d8c8cd824d96f9da51068b4dd2f5cf5b
Content-Length: 16
Expires: Wed, 21 Jun 2023 08:03:50 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame F8C1 43 B
371 B 32ms
10ms Image
image/gif 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: 2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com
URL: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Thu, 20 Jul 2023 20:03:50 GMT
date: Tue, 20 Jun 2023 20:03:50 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
297 B 187ms
187ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://victorraulrr.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://victorraulrr.info
Date: Tue, 20 Jun 2023 20:03:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
DATA 200
OK truncated
/ Frame F8C1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d54d6d54f23b847b7185721dfd5898e32992fe5ff16d1694c9a6664ac03d5d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9779588628895166101
tpc.googlesyndication.com/simgad/ Frame C76C 17 KB
18 KB 39ms
39ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9779588628895166101?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qncqV_T6S2GNM1odUKvbSuF2DkNbw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&h=280&slotname=5790268525&adk=594043572&adf=2364240886&pi=t.ma~as.5790268525&w=728&fwrn=4&fwrnh=100&lmt=1687291429&rafmt=1&format=728x280&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428853&bpp=2&bdt=621&idt=345&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8644567734621&frm=20&pv=1&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YW7xioQmme&p=https%3A//victorraulrr.info&dtd=350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd8d02949a659afd24f53b5de55af520f8590e173dab48968f9af34f25b5e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 04:09:50 GMT
x-content-type-options: nosniff
age: 402840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17704
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:37:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 04:09:50 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F8C1 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKZnI0tlWi9bZbYEIMUPu_Pic6vSyLnziB730elcAv-WRui2Bm2SKkW5doo3YXWIm38aDBUQlwYFgn5Q24YEUSwVSmkooByFt3k-ueloltu1XDkvveQDI4jgn-_GR0pINjt8go67ISYeSyklsRjaZ68FG3WL-GmqyeyOL-YBT8x6ukCriXFA-62E_G5xBguEMZS2e4EOCVQt5AHV-zOmYtIBL4bp4AnX5jo3DR4vAy5kpSD6HaQKkJ0JA5b19iKUywlrlN5lbts_PnMKe_g9mKGERqHC2xxFdhcsOgIAwJItAOhWjOVTodlQxlNykQjX34v3bMpY8Ic2H1erCcMaXG&sai=AMfl-YRufqFbReazSYemsIxEW7PcsEN1cPvsXkJ6jYvzO6H61Q6lbhPS-hmSYGg6yCdN_GhMWNg347upIXnbK1DJ-7wcb2nS8h_pMD7FDhYYXgYWhz6nMJX6MMHR8v-LmAIe7_7POrtuq-0SkjYN95aC&sig=Cg0ArKJSzKL_XfxPsY_iEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Jun 2023 20:03:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C76C 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnScHJQaSZLjuF5nirAHOgpToCpK8opZxxJmG8voRt8eE2roBEAEg7sX7T2CV4pCCoAegAZrVtOECyAECqAMByAPJBKoE4AFP0HMcuIR5hX7JBr9R2lqtGXgHcbnuZEA0S-HbFpJlEiQtbW421HYO9UzjiB0f0uEWKQ1O-USMD7HInx1mbnJBVObNGzX9Sdr0dbTld2xImE4RK4uzIzNy9iwaRFEYD-eazNXyNKJKVDoIJIlgJvvsmV2B-LXsKwzVMHSxcV8w9NdW5CkwUkwG4nx3iK6sN778ta_yaL9Tk444R6JA71oDaHNDaR2zVRGRpoIxobodVeOJVA29oiG4OSeuhMdjYk3E3JN3qEPkEMQnxRqxr3UyZyo2l2jT_9JSAZpL12lis8AEnL_x_LIEkgUECAQYAZIFBAgFGASgBgKAB86qy54BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQovAD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi00MjU0MDUxMjc0MTczNTQzGAA&sigh=tyU3LirvN14&uach_m=[UACH]&cid=CAQSGwBygQiDVq7i5XpJIsREKh5JP9wFwTvOf4kxRhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&h=280&slotname=5790268525&adk=594043572&adf=2364240886&pi=t.ma~as.5790268525&w=728&fwrn=4&fwrnh=100&lmt=1687291429&rafmt=1&format=728x280&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428853&bpp=2&bdt=621&idt=345&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8644567734621&frm=20&pv=1&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YW7xioQmme&p=https%3A//victorraulrr.info&dtd=350
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Jun 2023 20:03:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame C76C 22 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3f19a91993489b6d73ffcd539452bc07a9f58bb6d7494c3669364350ca8406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 14649824622339250880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:16:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8930 143 B
166 B 39ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&h=280&slotname=5790268525&adk=594043572&adf=2364240886&pi=t.ma~as.5790268525&w=728&fwrn=4&fwrnh=100&lmt=1687291429&rafmt=1&format=728x280&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428853&bpp=2&bdt=621&idt=345&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8644567734621&frm=20&pv=1&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YW7xioQmme&p=https%3A//victorraulrr.info&dtd=350
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 19:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame C76C 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame C76C 19 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C76C 178 KB
56 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:50 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame C76C 32 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfbd74ddac98b9f23483dc2d164e4fbe40cf077a27a7b147bf4662c87aad415a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13401
x-xss-protection: 0
server: cafe
etag: 13184847618836972268
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:46:31 GMT

GET
H3 200 47a9bcead4760fc70edbade504912d92.js Show response
www.gstatic.com/mysidia/ Frame 95E2 8 KB
4 KB 116ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/47a9bcead4760fc70edbade504912d92.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&h=280&slotname=7413782241&adk=269421795&adf=342060399&pi=t.ma~as.7413782241&w=336&fwrn=4&fwrnh=100&lmt=1687291429&rafmt=1&format=336x280&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428855&bpp=1&bdt=623&idt=361&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8644567734621&frm=20&pv=1&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SAkXG1JL2q&p=https%3A//victorraulrr.info&dtd=364

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ce53d1f901f9183b5f311cb21e679c23b258947e8dc9e453414ca6677c1d09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3658
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 20:44:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 22:42:31 GMT

GET
H3 200 d298578b074f0d1ed2773e15591d95a3.js Show response
www.gstatic.com/mysidia/ Frame 95E2 9 KB
4 KB 119ms
41ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d298578b074f0d1ed2773e15591d95a3.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23add6f94fac4eff07e0bb6c37c541fc37a1b659516ba2df40e922bdce8b4e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 20:44:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 22:37:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 95E2 14 KB
1 KB 48ms
47ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Jun 2023 20:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 19:11:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jun 2023 20:03:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 95E2 2 KB
892 B 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 13:52:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 95E2 22 KB
9 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:53:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 13:53:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 95E2 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 13:52:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 95E2 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:53:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 13:53:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95E2 178 KB
56 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:50 GMT

GET
H3 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame 95E2 32 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 11:40:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8930
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:50 GMT
expires: Tue, 20 Jun 2023 20:03:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C76C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58d0a6c95ea93dadc50c215e562dd177ad7188d9ae69acfba548fc4cf00f2867

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame F8C1 24 KB
10 KB 321ms
272ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&idx=0&rand=96024&widgetJSId=AR_1&va=true&et=true&format=html&px=0&py=0&vpd=0&cw=728&settings=true&recs=true&key=ADPLU2MFQEFJON6KK97GGNAND&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&version=2010337&sig=34RSaqGh&apv=false&osLang=en-US&winW=728&winH=90&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fvictorraulrr.info%2F&ogn=https%3A%2F%2F2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9d17ef65f36e5bfad80e1e77e6a7fb76bf7b1ada4ff3c52426787f3ae50a87c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Tue, 20 Jun 2023 20:03:50 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1687291430.363974,VS0,VE262
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21979-LGA, cache-fra-eddf8230114-FRA
x-traceid: 080f10d27ef6b3292ddf9b84c7291f19
accept-ranges: bytes
content-length: 10053
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4711 143 B
166 B 38ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&h=280&slotname=7413782241&adk=269421795&adf=342060399&pi=t.ma~as.7413782241&w=336&fwrn=4&fwrnh=100&lmt=1687291429&rafmt=1&format=336x280&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428855&bpp=1&bdt=623&idt=361&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8644567734621&frm=20&pv=1&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SAkXG1JL2q&p=https%3A//victorraulrr.info&dtd=364
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 19:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 95E2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77af0457984afb44555112ecd78a42506411fa5be90adf779518317a5475a57a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 95E2 33 KB
33 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 3273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 19:09:17 GMT

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame AEF2 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:55:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:55:48 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4711
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
49ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:50 GMT
expires: Tue, 20 Jun 2023 20:03:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 95E2 0
19 B 85ms
84ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq8TFJQaSZPuFGZemrQGLu4TwCtvOwPNwg_3-lvoKnPiVtugaEAEg7sX7T2CV4pCCoAegAcixqc0DyAEBqAMByAPLBKoE4wFP0AtWdoMe_QD4eYQOn8cgMVMyBqmz8q3yyPEqR-nwEBB0Vw8zs5c2gdLD6Y5jlAHxmorbqWeNqW6oGzXhj1nxKLQ8ao73EbFfn7uaY2IWsnKZuBW9-8vAzOz6A3T-PPEYkibMnWBud5tznUlJ8KFu0-Zxy8lZG5jUmxw3oxxZcYNKJT8cyWz78yxnL7SesfY3u6Ry2stKuif_5REmeZJCVOTAm0GT_zFSFyvLRW4ByVsDph--MOySg7sDfKwqMsIx1eHse_S4VNxg5SuDoyRrJFZV2BgHGYz4MAeFopiqfUpLNsAEu8b00OACkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDO7ALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMMiBQO0BUBgBcBshccChoIABIUcHViLTQyNTQwNTEyNzQxNzM1NDMYAA&sigh=54BRg3Qi68c&uach_m=[UACH]&cid=CAQSGwBygQiDJCsMyo9MGXMedSobCCpgioTOZVL3eRgB&cbvp=2&vis=1

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4254051274173543&output=html&h=280&slotname=7413782241&adk=269421795&adf=342060399&pi=t.ma~as.7413782241&w=336&fwrn=4&fwrnh=100&lmt=1687291429&rafmt=1&format=336x280&url=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687291428855&bpp=1&bdt=623&idt=361&shv=r20230615&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8644567734621&frm=20&pv=1&ga_vid=271670831.1687291429&ga_sid=1687291429&ga_hid=185643862&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=709&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075068%2C44788442%2C21065724%2C44769662&oid=2&pvsid=3691596726563996&tmod=563687402&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SAkXG1JL2q&p=https%3A//victorraulrr.info&dtd=364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Jun 2023 20:03:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D2A 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:55:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:55:48 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ Frame F8C1 4 B
371 B 356ms
85ms XHR
application/json 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1687291430662&sessionId=84c33695-94e0-be8e-e713-7d428d9687bf&url=2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com&cheqSource=1&cheqEvent=3&responseTime=551
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jun 2023 20:03:50 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 18d76762456602be60d72aa3bd59fb24
Content-Length: 4
Expires: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 152 KB
52 KB 150ms
150ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76f602ca9cf7b68ce01139c7be03bd3ecc821f019faffe6f4b987b5e17582409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52887
x-xss-protection: 0
server: cafe
etag: 18441770835195694040
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:50 GMT

GET
H2 200 65f4af179638226b33531b12508b8ec745.jpg
zem.outbrainimg.com/p/srv/sha/70/fe/14/ Frame F8C1 10 KB
10 KB 48ms
8ms Image
image/jpeg 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/70/fe/14/65f4af179638226b33531b12508b8ec745.jpg?w=300&h=100&fit=crop&crop=Center&q=45&fm=jpg

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9e00cd23d96f1906ea2f0f62df8aa62e9f04ad6ea67f9aec6db0c67252915c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:50 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 1751138
x-cache: HIT, MISS, HIT
x-imgix-id: 75be89c264d6bc57b3fd6b09dc358f36812d343f
cross-origin-resource-policy: cross-origin
content-length: 9819
x-served-by: cache-sjc1000104-SJC, cache-fra-eddf8230113-FRA, cache-fra-eddf8230073-FRA
x-imgix-render-farm: 01.8776
last-modified: Wed, 31 May 2023 13:38:12 GMT
server: imgix
x-timer: S1687291431.790243,VS0,VE2
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Imgix-Bg-Remove-Failure-Reason
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 disclosure.png
widgets.outbrain.com/external/vendors/ Frame F8C1 476 B
807 B 11ms
11ms Image
image/png 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/external/vendors/disclosure.png
Requested by: Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Thu, 20 Jul 2023 20:03:50 GMT
date: Tue, 20 Jun 2023 20:03:50 GMT
last-modified: Tue, 13 Jun 2023 07:48:54 GMT
server: AkamaiNetStorage
etag: "4d39e26ad7c27bebbc022d353bf4bbb6:1686642679.973312"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 476
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame F8C1 990 B
1 KB 11ms
11ms Image
image/svg+xml 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Thu, 20 Jul 2023 20:03:50 GMT
date: Tue, 20 Jun 2023 20:03:50 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ Frame F8C1 2 B
330 B 357ms
86ms Fetch
text/plain 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=190f2543d52cffd37d09181f65525e54_207171_1687291430574&tm=638&eT=0&widgetWidth=728&widgetHeight=90&widgetX=0&widgetY=0&wRV=2010337&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=433&oo=true&lo=130&obreq=99&odbreq=508&odbres=941&cet=4g&to=1687291429805&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jun 2023 20:03:51 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 8503293d8a623d233e17fe2aea2c82de
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7352 361 B
689 B 10ms
10ms Document
text/html 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-length: 361
content-type: text/html
date: Tue, 20 Jun 2023 20:03:50 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1687245994.554195"
expires: Tue, 27 Jun 2023 20:03:50 GMT
last-modified: Tue, 20 Jun 2023 06:50:48 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 62FC 361 B
689 B 10ms
10ms Document
text/html 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-length: 361
content-type: text/html
date: Tue, 20 Jun 2023 20:03:50 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1687245994.554195"
expires: Tue, 27 Jun 2023 20:03:50 GMT
last-modified: Tue, 20 Jun 2023 06:50:48 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ Frame F8C1 48 KB
18 KB 46ms
8ms Script
text/javascript 2600:9000:2057:7a00:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7a00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:05:53 GMT
content-encoding: gzip
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA6-C1
age: 3477
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: H8lJhwFjL8mr7FyYoS7Qu7jHebdM2GBII_HFsVUifzJ80wMUxpQR_g==
expires: Wed, 21 Jun 2023 07:05:53 GMT

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame 782C 4 KB
2 KB 11ms
10ms Document
text/html 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Tue, 20 Jun 2023 20:03:50 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Tue, 27 Jun 2023 20:03:50 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7352 3 KB
1 KB 12ms
11ms Script
application/x-javascript 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Tue, 20 Jun 2023 20:03:50 GMT
content-encoding: gzip
content-length: 1004
last-modified: Tue, 20 Jun 2023 06:50:48 GMT
server: AkamaiNetStorage
etag: "93810123e74a13415e8cdd22e8c62d31:1687245995.168478"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Wed, 21 Jun 2023 00:03:50 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 62FC 3 KB
1 KB 11ms
11ms Script
application/x-javascript 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Tue, 20 Jun 2023 20:03:50 GMT
content-encoding: gzip
content-length: 1004
last-modified: Tue, 20 Jun 2023 06:50:48 GMT
server: AkamaiNetStorage
etag: "93810123e74a13415e8cdd22e8c62d31:1687245995.168478"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Wed, 21 Jun 2023 00:03:50 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ Frame F8C1 4 B
371 B 318ms
83ms Fetch
application/json 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=190f2543d52cffd37d09181f65525e54&pvId=190f2543d52cffd37d09181f65525e54&sid=7153080&pid=207171&idx=0&wId=100&pad=1&org=0&tm=675&eT=3&cnsnt=no_consent&wRV=2010337&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jun 2023 20:03:51 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 0fd730323dc734bfa0c9971c69c8f9db
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame 7352 53 B
225 B 358ms
90ms Image
image/gif 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V-RTIeKNWXBLszONrIHjS8h0F6JGBX_m2bLem2vbDRWPOYHfo7uz-G46_p-p5rKG1gMqYnO_VMU-UBnfg4YApy3WwlxH3n72tdnHRX2NX2GRvJRIV-wca9jEv7T7keU5yEV4YzwVT6HOStbJM68GLQP4BTHztrj78qDtq25-4rnqFdcLjSy1GPq14NxKQtcHpiSCAiowaqCKNqCXREF0el-JHejDILGa5V_5jWwqGvZtTgwXKo-ZQgTlHwO4DuZU0aEf_-kWmom2gKyYCweMr_FxlFTit84dqjClRavzCHJK370gy-kLEWKT_FdW9q55U8vJUxQ8GnRGG5LxWcQ8oP2Vwr1yxflm4hN8Yczp9clIlY1v7CipEVHe3qfskqx3VgyClaZxTK6HF7Zrwg0BnCoIiLV4b-BmSY9luV0w4wz7rsXhia_wMFwvnUEjskYdZN_yKewAh3Q7lvMvLjhYXlzVsN9eP6Rj8emK95Jkq0VMugGYE08Oz8IHawAkGM232YMcPjO6Hv5fLk656mIbFfPbiHng3iIsbSc6hNPsdq6at7u-hz95PAO6yS1WeuqCsjCCoSJOCtuRy5nrMS1U4OtMnoa3hkLcMnPQVZTbKR7mgro5wCIW4X27A8_tvXuACCkTx3q25r6gbcVIjw7NXN1sp01W3CfiAcMwwSBWTP9TPOa0_TdAOCuzKTwrSlZ-_ygwvR4nICdg4vUqjH6NL8eYYHk35cAL0Wob4cTEMR4ivB0aHPVS1ByBv9-_9VoTpi2R63msaHlNBD4epLSTLRYp5n3xfLDsa_iIpSnVRTMmS_7-r47vaXc7xlWxBw8lXPQbfee1Oe1Q-vwlERIZgcgtnMtKSiKz_NlkYK8IcWJHTmiCNgTlfm1mJ4zU531ypiHpq5Md9-HmL7pOCc_IVuHgqMyReS-PpMONyE7Ry7hQZKQkF9SFyshnW8N8YkyCOyq8nmmBCaTJRh3_Mfkn_klOyCYCN096G7Yw9LzIxos4QzLFLFqCpb9DVh_TDfOgdMh4M5Vt3tn_fvGFdNACLeCA0lfWJwSRGSKQg-wsDJpTiKm5Dlv4a9bIVkVCgo6JCvLObsl8WPIufkwFJBuc994XoJLM5XS5UpWU7HGEyDJipJGX04NR93YuiTsO8EQIj0NCZY5Gkv-T6-4r8ZpRom1dbVHm2XRj8i0y89XNXjk2X4-mD_WWvHRSFKpQbqvsO5sWUfF_4nbcLcChlpr-B6kPikE-iapSrh67eqCzL8Fr15V8AhRvuQvZRLKfOHkjdDL8xW8oMVchY5aII_9I1aZp7O0E9EVC8Hg77sOTU22rbd4erXSBw2i4YzhM80DLsDXnwJBOFOBAoPE9In_rKYG1cVGfDYMmF-3cHxbqPoZ4SVLU-M7Fx4FSNylLQbKFoYBto83HllJsehMZa3PtfYLT99D-XfCDBuQe_zDwNp8HJIEoVKjP9Rjo6nTkuiSyMpMMT2r7hMStZ7IJlLp4QC1pwowNtD2OglC9S2IDifeKVwM_-AhvjZKE7ZgQNXAujQ&c=2db3b474&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Tue, 20 Jun 2023 20:03:51 GMT
Cache-Control: no-cache
X-TraceId: 04270de0d07005345e896661e42f4e82
Content-Length: 53
Content-Type: image/gif;

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/92f11d2a-0fa5-11ee-a427-92e96dd8c3aa/0.03087/GGVOLSPYI7ADIN5WKFRMMQ72LJON6JBO27BWBMJ4DQLVHL75WEVVZZFDWGCU7SVY33QSONNJERLL5CN4YAWWJUPXG325C2JSF6HEIE5HE4JX... Frame 62FC 26 B
127 B 362ms
90ms Image
image/gif 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/92f11d2a-0fa5-11ee-a427-92e96dd8c3aa/0.03087/GGVOLSPYI7ADIN5WKFRMMQ72LJON6JBO27BWBMJ4DQLVHL75WEVVZZFDWGCU7SVY33QSONNJERLL5CN4YAWWJUPXG325C2JSF6HEIE5HE4JXMYCAXDQPYFRCCWPTR66K43LNCEY5UC324X6KPFVQIEJU6Q5JE3BRCHAPZLGQVN5CC5RP7WETYR7Q6TQEYZC2XRFGN35ISYINXYAZNKUIAAOFDL3XABPRNR5VDTOPQOXL3P26XESVVUIAL2Z5H3QRWYWTRM3L3YIJ6IFDHX3ZB4Y4FKEU6JCHUXHX2D52YLJXPZRNVKNHSULQQM2TWGMCDPMGCM3IGJVOHARM54T6EVAUJVYAZNJITUHUZD64OQM6XLVBMYHSFHGKDO5SKR7HTUCWB5NSKG5LH3P54WHBDY2W2TISEJG62ZWC5TLZ66NQO2M3AFOZND47HYBRRL7744YKT6XJR2P7AIWGMTISGDFZ2CAAYEAIDR4X2ZIJ53SKNVE4GRDTUGNIMHU44P5ERPDXEIVJBMKTQ2HO5XVKJVMR6I6YFNOYXNATIN2ALO3CCMNXOBYA/?wpos=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Tue, 20 Jun 2023 20:03:51 GMT
Content-Length: 26
Content-Type: image/gif

GET
H2 200 show_pla Show response
flint.defybrick.com/ Frame F8C1 3 KB
2 KB 382ms
128ms Script
text/javascript 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2F2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&sf=1&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=54178069292792768220689008120585048621450610159435059191008814260029&nc=1&tsf=0&tsfmi=6&pv=0&cb=1687291430919&ref=https%3A%2F%2Fvictorraulrr.info%2F&pit=1&hl=2&op=0&fs=728x90&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2178561998&at=&bid=e30%3D&di=W1siZWYiLDcxNzFdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NyxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEyODQz%0D%0AMTg1MjEsXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjYsZWNYR1gxOW5ucnZWTzJKZGxOaHhCS1FrTHZTRmRBUUJDbGgx%0D%0ANFZVVkZBbEY3K0NBSXFYUkJGQ0UxNkZZa29WVXBBV2hBU0lEMmtaNU50VSs2OWIvMSs1ODdjeldS%0D%0ASkFQbEdsOSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwi%0D%0Ae1wib1wiOjAuNjY2NjY2NjY2NjY2NjY2Nn0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQi%0D%0AXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAw%0D%0ALDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCw3MjgsOTAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxb%0D%0ALTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwi%0D%0AW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjcyMjAwMDAwLFwidWpoc1wiOjMzMTAwMDAw%0D%0ALFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4%0D%0ALCJlbi1VUyxlbiJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIs%0D%0AMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0z%0D%0AMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY4NzI5MTQzMDg5NSwwXSJdLFstMzYsIltcIjQvM1wi%0D%0ALFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiYywtMSwtMSwwLDAsMCwwLDAs%0D%0AMCw0MSwzMTIsNywzNTMuOSwzNTMuOSwxMDkyLDEwOTIiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQs%0D%0AXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNl%0D%0ALG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00Mywi%0D%0AMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiLSJdLFst%0D%0ANDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAi%0D%0AXSxbLTQ5LCItIl0sWyJibmNoIiw2MF1d&tsfu=&fst=728x90&dep=1&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D&ver=41&cri=HzxmF7XWdf&sdd=%7B%7D&pto=1116&ao=https%3A%2F%2Fvictorraulrr.info&aol=1
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e0e5e700f20510ddfb902f44864c255bba60b9418ce585265b1b81e67840d3f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1670
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 48ms
48ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=victorraulrr.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/ Frame 410F 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Jun 2023 22:19:31 GMT
etag: 15057649708203361565
expires: Mon, 03 Jul 2023 22:19:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/ Frame E0A1 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Jun 2023 22:19:31 GMT
etag: 15057649708203361565
expires: Mon, 03 Jul 2023 22:19:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/ Frame E3C0 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Jun 2023 22:19:31 GMT
etag: 15057649708203361565
expires: Mon, 03 Jul 2023 22:19:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 410F 4 KB
671 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Jun 2023 20:03:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:33:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jun 2023 20:03:51 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 410F 205 B
229 B 38ms
38ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:47:41 GMT
x-content-type-options: nosniff
age: 8169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Jun 2024 17:47:41 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 410F 604 B
628 B 39ms
38ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 22:02:30 GMT
x-content-type-options: nosniff
age: 79280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 18 Jun 2024 22:02:30 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/ Frame 410F 13 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0695beddad86b2879d1364908ed542ea22ae3b524ede62c30281e510f0875f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5847
x-xss-protection: 0
server: cafe
etag: 4947850093028406890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 02:46:13 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/ Frame 410F 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1e0d9bb27d98ce0643afa0971f9506808531e3334248652e1adad913643bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9398
x-xss-protection: 0
server: cafe
etag: 5140267580575902152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 17:34:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame E0A1 22 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3f19a91993489b6d73ffcd539452bc07a9f58bb6d7494c3669364350ca8406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 14649824622339250880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:16:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2E1E 143 B
166 B 38ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 19:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame E0A1 3 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame E0A1 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 200 2923996773801802657
tpc.googlesyndication.com/daca_images/simgad/ Frame E0A1 57 KB
57 KB 51ms
51ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2923996773801802657

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f5b4934df224b49e485bea955ee7723fb362fd73cb9f2d5ccd9143f90bbb0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 07:30:53 GMT
x-content-type-options: nosniff
age: 217978
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58527
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 17:39:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Jun 2024 07:30:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0A1 178 KB
56 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:51 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame E0A1 32 KB
13 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfbd74ddac98b9f23483dc2d164e4fbe40cf077a27a7b147bf4662c87aad415a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13401
x-xss-protection: 0
server: cafe
etag: 13184847618836972268
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:46:31 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8CA2 624 B
245 B 81ms
80ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMY-MKv6QEwAQ&v=APEucNUlNTP4sPIEQq0lTurn5zWnfAE7tzzwymmFzdjefRnjSnb5-TEjz_aAtLE2pSIdNbFs9nXaOWh_HkWLDRAg4K9HdcNiL0udj_fGZqyYn8k9ABI55v8Pmp3yLmF1VYQk4npZGjqjIuX-1toD9PqdJ8LqWcXEF1hbCR7ce3BZoY35od4NXHc

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:51 GMT
expires: Tue, 20 Jun 2023 20:03:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D1B4 78 KB
27 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame D1B4 3 KB
1 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame D1B4 19 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1B4 178 KB
56 KB 132ms
131ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:51 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1B4 42 B
63 B 134ms
133ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AU8ScR1fD8dBBh4entWWD6sJqU49V9Zz5M3XoOYqYpi1N6lRP7rL12hAcaToaTrG8dP_NUnQyTYgAwa5Kx6T09-I0dobtwjIQPUnK-U192mcyJRB0

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1B4 0
20 B 135ms
133ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1246819333230510073&x=1&ct=119

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 47a9bcead4760fc70edbade504912d92.js Show response
www.gstatic.com/mysidia/ Frame F41B 8 KB
4 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/47a9bcead4760fc70edbade504912d92.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ce53d1f901f9183b5f311cb21e679c23b258947e8dc9e453414ca6677c1d09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3658
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 20:44:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 22:42:31 GMT

GET
H3 200 bce1e4c8408c77dcdd723b4c15e3df48.js Show response
www.gstatic.com/mysidia/ Frame F41B 153 KB
56 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bce1e4c8408c77dcdd723b4c15e3df48.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66ac45023aa5f15d6e442fe8c6606aebcaa984392d7aa2390cc54989a38316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 00:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57416
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 00:30:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F41B 7 KB
1 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Jun 2023 20:03:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:51:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jun 2023 20:03:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame F41B 2 KB
892 B 52ms
49ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:19:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame F41B 22 KB
9 KB 52ms
49ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3f19a91993489b6d73ffcd539452bc07a9f58bb6d7494c3669364350ca8406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 14649824622339250880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:16:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame F41B 3 KB
1 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame F41B 19 KB
8 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F41B 178 KB
56 KB 98ms
95ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:51 GMT

GET
H3 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame F41B 32 KB
13 KB 79ms
76ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 11:40:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2E1E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
53ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:51 GMT
expires: Tue, 20 Jun 2023 20:03:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8CA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB44rDCHAlgOUqgO2CrVrNQ&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB44rDCHAlgOUqgO2CrVrNQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMY-MKv6QEwAQ&v=APEucNUlNTP4sPIEQq0lTurn5zWnfAE7tzzwymmFzdjefRnjSnb5-TEjz_aAtLE2pSIdNbFs9nXaOWh_HkWLDRAg4K9HdcNiL0udj_fGZqyYn8k9ABI55v8Pmp3yLmF1VYQk4npZGjqjIuX-1toD9PqdJ8LqWcXEF1hbCR7ce3BZoY35od4NXHc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jun 2023 20:03:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB44rDCHAlgOUqgO2CrVrNQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8CA2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJIGJ7OdKbF80cpq64VLHAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB44rDCHAlgOUqgO2CrVrNQ&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB44rDCHAlgOUqgO2CrVrNQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMY-MKv6QEwAQ&v=APEucNUlNTP4sPIEQq0lTurn5zWnfAE7tzzwymmFzdjefRnjSnb5-TEjz_aAtLE2pSIdNbFs9nXaOWh_HkWLDRAg4K9HdcNiL0udj_fGZqyYn8k9ABI55v8Pmp3yLmF1VYQk4npZGjqjIuX-1toD9PqdJ8LqWcXEF1hbCR7ce3BZoY35od4NXHc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jun 2023 20:03:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB44rDCHAlgOUqgO2CrVrNQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8CA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHHypYpRzW4q-iaIp8vwm5Y&google_cver=1

43 B
1 KB

11ms
11ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHHypYpRzW4q-iaIp8vwm5Y&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMY-MKv6QEwAQ&v=APEucNUlNTP4sPIEQq0lTurn5zWnfAE7tzzwymmFzdjefRnjSnb5-TEjz_aAtLE2pSIdNbFs9nXaOWh_HkWLDRAg4K9HdcNiL0udj_fGZqyYn8k9ABI55v8Pmp3yLmF1VYQk4npZGjqjIuX-1toD9PqdJ8LqWcXEF1hbCR7ce3BZoY35od4NXHc

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jun 2023 20:03:51 GMT
AN-X-Request-Uuid: 5c4e4cff-2cbf-4964-a1b4-05178b986cef
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHHypYpRzW4q-iaIp8vwm5Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8CA2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxNjA1OTUzMTEwMDkwMTI5Mw%3D%3D

170 B
243 B

50ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxNjA1OTUzMTEwMDkwMTI5Mw%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 20 Jun 2023 20:03:51 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fdb7b028-cb71-4383-8879-dd2b6a1bdb56
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxNjA1OTUzMTEwMDkwMTI5Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F41B 0
234 B 325ms
79ms Ping
image/gif 2a00:1450:402a:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lj4pr4ks&c=7069559995773&slotId=3534779997886.5&qqid=CM3Pn7LS0v8CFR6MSwUdsLwIaA&sei=44729911%2C44730425%2C44730426%2C44752538%2C44776384%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bce1e4c8408c77dcdd723b4c15e3df48.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:402a:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/CaqmHke-_K4/ Frame F41B 7 KB
7 KB 276ms
39ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/CaqmHke-_K4/hq1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eec31e915be198f1e34258d72c7316987168339231edc1ba1c91b5658a92e6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:36:53 GMT
x-content-type-options: nosniff
age: 1618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7161
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Jun 2023 21:36:53 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1B4 0
20 B 133ms
132ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5828970002007&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1B4 0
20 B 132ms
132ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5828970002007&version=m202301230201&ct=119&x=1&cor=1246819333230510000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D1B4 85 KB
35 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CebmFIxM_RT1jL6kIwTWbiPmWRNYCFVqxR5BzTzgdlqhrCi3CknJFYZ34p0158R-byPP_f-bzxKPq1w5K7b-RYebGs165vKq5jflpUQ1FxUC0Y5mxHwRaUaVMaJBp1tfX0VFVJiCW8QDZWGmUMFvwMkuWEE5RXjJHvvi-B52pniIyGYHo&cry=1&dbm_d=AKAmf-AAjTkyHd4ePC9KsuqDn1wrjWz-ceDW_IPrbA8Z5ztphqu5u68OzKvScslq2liYQAUtP9FPQkwjOd5cs1PGvUIrCYKoT-BJmYJuSjEEIg114LXhINZ2o9S16wDKFl0Z6wkOhhRZNYptN0xY_jZNLmOXxWNNA5-oeUEAX71018kjI7oMa1OOh9_N-K49PlzAgW7wQaBjcN9aWZD9qTkCXwbapsvj7AB0w4SmfOewEs0oG0tm7NwBRshMQmSqdl0ui3gpHnEtpGJQ30-quqNd-8L7SVormriy-tJK0bBdGUKPJQO2Za8P7aDTfiqyp2Kmwc83-X2-nweox4mgyBKHVJBm-eUOwN0YWECQQ8Xnn78SdUCtvaUC2KPYgez05K5XUx-BJl8PChHp-HvvvLnagkrMxx7M8QqB-PdGHyTvNAaWWHV-jJR_xgfVhek7tfvfdRRjJtFBuNvfoygV1I-ZNNRhbBOuo_oqNIlYgcBT9Jya-gCbBQdpb2i_ybGp0_aQ9iohQLRq0bsKgD3u6ikegzFd_o227CaZSx4MskFKmEQxpsdQwWUYjfios4Id8RakUSncOWBs9sKA41uE7s-N2dEAk38YD1mvzvItjqa5e0DacTWna-fQdNz_-QTFVCSWSqH4y4ueXMBJPcABNWiyyfgeOJzoukjI0TjDNfUxPDy11ruZ7zmUbWYzJxDMZbjz1lw89gky9UqEBb8Qdzd7kg13dUMaWS4Cc1IhbPSEuwnmTTKLgZpf9a8fXnfLVfZjv9V9LWqhXPHmEOmeNge9DOvS2F4DJXEtNlKpBl-qKQczy9Edepl719EkZ07_jPi53lz7OtvhotCp-nZCdnEQst3g9J0n2WWkI-z51sWGdpTZ_BhNITUKxhLdlA7pxdgEebpBxse-8eSefPkvOPbVaBtPpDqMPGDTFC-A6v2R80AQEhQjUfy5MhlJ5awBwZA0flOq2NZ8-CL01GYeO8MrKqJEtpUiHIxg-pEaREkocPF1zy5emQ08NvS7t1zpK5P2o_Nu2BJHznVKk4PfBmqPpIkGoPhsiX650M1-PVQxt4slNeyzPmwClJYJvv8fgwmX3yNDSE5rtl4SFWFzodyWB_6uvio58hgh8ANnOVt0qXzw6GAXGoicOPqc0E7nJpTDs4Zp2PRS-V8K64OvndOYT5qcWHIsE8_GKQVuB1BIgb2rNpxtoJoWZcQ8vlLo_FuJa3RXlWUsUi75a-dkQ46W6TUJL4wCNbKGCnVEyht-2kOlfng5P1yJSifg10gVvEDvz4-3xmvLcudgNTCoxxsHCngLDOAepMOdrJ-hiW-s1iHTLnyORXijmMqwK9FWmnGqASEBkMhDouvnrGzInvN3_Arg-BE6MyvbQc06sq6ShTj5u-AyqCWBIGbneSS7WXRCwAZwwCOpsUd0ZTdEE-NtYs39dosALUNl5BNMDJNFTGrxmz0nH6Eqi9OxQKyu6NjIJxxYaDVJ1n61ptHiMrd51l5wfpihDUEf4_-Yk404bCrJcA0wIW1TXPAEqxuo7d3nIGVU2ogDDV-uo5sxO9pOBnfUWmxJjbhCn9RvZxechSYWIiyKpUyCZE95ZAwtLT7aY598cSFsJkD0F4dSCs9w2dlASn3_IpgXmNWb9hNxhwJp3-rbu3MDa27RNImE-X4ul7xLkwnbBO2vN6HB3j1tJM4FOuf1WebjlZ85amWF3sXbXUcHTxJ1NdlhaJbvSt0nEMDYSFecTURuLos0uuZaKwVRuCErz1BADh_xe7diOnbmydCDnv-R9yS82LODyz0i8__1VusUMm4MyOEJ6zGT6wYk06U_NoBL39nuT12P_y6q4oGoYgiv7bwZ1Bu4DhR_7uhZHmz0oMUinQi_RRRGCipxfVxO-QhRCm_uqhwQaFAk4CnrZ1W32brEQCjFBTdok8oJu4F7zYQHLO-CISYAZeU8v4jKhZrFqg_V-Mhr_DyKrg7iLDB-cADykA1GPHOPNsAAkAVo-qNJpMDEs02IQ0joBBRdWP56s-dkOfghhEXtGmOP5ltKghy9c3VhGSMVual2wuLh-3zNLcfrCoA-MB1O-YArnu-Dj0olfALDdOfWjus8l-MgIpHECayXAQzlna2vaKuqjA2o3haMGBGj2cDYZIA-ExzXUJIki2RGis5t-Hny9d38IM3ZaDg5DSKcv2fS4AOx0YvRhRkSh5ibh7ZkMGG5gPuBLw9KW71ZAXbY2DZvROAL96Xp-zjYRMsgpioMIPsb0DB-aJUkGWGZNSL1987XQGNqdBjWjOrPOxHAdBQ-pE48sHqWJ2FjNrTldY-FjNxK7cy9PjEXu0eh0hhxkv_QH_Kzx6I5Y8JBBZY0mePOdQazhDnbQJeDexMGb_k5GI-ADpuMmhn7v-tvqbwo3_wyCtIoT-BLZWVAjGQQDBeY9ahBhkG37iRxDU7IHZhP0crRexW0a4tVSVs1lEBV7mgWA8wLcBlSdItOIxcynsga3udDNPxzMhcNAAvM8U-G_HYOrTdzUKnj77CQKF8nuZ7jLJ691wulbmuL-2o4Xdrs7wy5onG71V21cgkXt0ZrR8LkDiRrBiPR9IKJETaFmttaJdwC79dMdlPlMxqzu7Hqcunsjk4b1dJBAnFdqLWcNGv4xgBsNwSDUsSgPvskjIczMhGWQv5MBtxbsasPr7VbZ2bEyvFTzZjwgwuBVfCkMqLjcwy8oI_heSQglNLNCdiQzcJlGQiF-iJIEVA5Efr7f0oadzCVmovp4VrnRvMmOX3-ZcB0hS23uRR7lrDLoCsKwy8SRS3oHYIatMGRePLB0G8UxDe5Ma0VP0vLqU0wAAZAySADbAGikG1rhBJyT95_Zmt_LHIft3vLaiDNJX8onlnlcW-Vna_fxXkJ3a6cQAW7Gc8BcFUtaaB3XUGG66xcDhCHQWoR73NubOocK9zTa61MY7Aw-GkzGXVLot862StaTMzrriEoZ9HpDIljQ76hLb4VBXlb-_leR-6DWjze_wQ9244urOWb4TEUj51zs0O-Glwyzchl6SQfjUtoMavZDpuM3cqT2VibIZBSsr_b709iMUeCFdnz1zyePLzua_Loyrbmz5ItshZVh_kI1qGQPjQCj0X-xEss0PjgU1PXUWjCCuYuw5krF-0Q-vVjEAg13anez4G5fqZ7kjcP3zXNiTNIZtay0lvHUknm-Br6pKiJ-1_Z8mIWhKA4CGXJs6cdAcsMMCZx5GO7IKj3UQyZ7woYPYRnourtJi6iIRPhCRqNtuupfHw10bziC8RfElUPYguCmI_R8vj8yI21KML2U8SLiJpnK3YCP3Wes1vdO9I2GlGwnn-zotwM-heZfLae3Nn6bQYPeYY01bL3Gd7R_0sy3JF4J1Zlb_R1XDK66N5-VESKVdv9ZS10CJvkhdMvrLNAbGUQKHgw4xlELC_plJijhENvuQk5fU4oJgBqxJvHOZRe3JsZ6QUBJwGDH6Rt&cid=CAQSGwBygQiDIhU27rSorWvpwlyswhjm8ab9D8KAKhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fvictorraulrr.info%2F&ds=l&xdt=1&iif=1&cor=1246819333230510000&adk=2935317967&idt=112&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8546715514634e13731f0e2720924ac3f81ff16e596c319853592c5cffdb80af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr4---sn-5hnekn7k.googlevideo.com/ Frame F41B 2 MB
2 MB 299ms
87ms Media
video/mp4 2a00:1450:400e:2::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1687320230&ei=JgaSZM_0EoKag8UP1baFgAI&ip=2a03:1b20:6:f011::4e&id=09aaa61e47befcae&itag=18&source=youtube&requiressl=yes&mh=PB&mm=31&mn=sn-5hnekn7k&ms=au&mv=m&mvi=4&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=56.145&lmt=1658299686665930&mt=1687291029&txp=6210224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgeXrplIhPLmNBokPd8u_YjN14mV48eHXXRz5e5IRBTDYCIAzl6teYzuP93hhCwQn336RXFTtgnx94-2h60yJFo1TU&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPAunA9VmGTHMtTmZpePItA70meIIPNgTz_zveg8UFT7AiBK1I4NXorOH6OUrWlGsBA3eHzx2DHiSH-KWnKTdCX-5Q==&cpn=1dbCGxR7OUUjbaKi

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:2::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6215b65df789cd3b5a23f79e9be9e249c361495ee291e6ec6d9559dbbd7f8771

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 20 Jun 2023 20:03:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Jul 2022 06:48:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2526025/2526026
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2526026
Expires: Tue, 20 Jun 2023 20:03:51 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F8C1 42 B
174 B 137ms
136ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstl5L830DMZ6kVDECbcyT8T3ItMh3EW_lnNGcnY2c__jRmMfNPFp7ivdWUZYHhvbLudaMzGlkC5KQ_3kUqQw09ygiBHLJ0LtUo_22w8KV5U3iWOyL94&sig=Cg0ArKJSzPVtsrSW2IxqEAE&id=lidar2&mcvt=1018&p=1110,436,1200,1164&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3561977089&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687291429805&rpt=366&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E0A1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b4ace29590817c3c82da9dbd6aa29efd61ecfaf2f280c0b5f5d1975ea58bcb4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame D451 4 KB
2 KB 11ms
11ms Document
text/html 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V-RTIeKNWXBLszONrIHjS8h0F6JGBX_m2bLem2vbDRWPOYHfo7uz-G46_p-p5rKG1gMqYnO_VMU-UBnfg4YApy3WwlxH3n72tdnHRX2NX2GRvJRIV-wca9jEv7T7keU5yEV4YzwVT6HOStbJM68GLQP4BTHztrj78qDtq25-4rnqFdcLjSy1GPq14NxKQtcHpiSCAiowaqCKNqCXREF0el-JHejDILGa5V_5jWwqGvZtTgwXKo-ZQgTlHwO4DuZU0aEf_-kWmom2gKyYCweMr_FxlFTit84dqjClRavzCHJK370gy-kLEWKT_FdW9q55U8vJUxQ8GnRGG5LxWcQ8oP2Vwr1yxflm4hN8Yczp9clIlY1v7CipEVHe3qfskqx3VgyClaZxTK6HF7Zrwg0BnCoIiLV4b-BmSY9luV0w4wz7rsXhia_wMFwvnUEjskYdZN_yKewAh3Q7lvMvLjhYXlzVsN9eP6Rj8emK95Jkq0VMugGYE08Oz8IHawAkGM232YMcPjO6Hv5fLk656mIbFfPbiHng3iIsbSc6hNPsdq6at7u-hz95PAO6yS1WeuqCsjCCoSJOCtuRy5nrMS1U4OtMnoa3hkLcMnPQVZTbKR7mgro5wCIW4X27A8_tvXuACCkTx3q25r6gbcVIjw7NXN1sp01W3CfiAcMwwSBWTP9TPOa0_TdAOCuzKTwrSlZ-_ygwvR4nICdg4vUqjH6NL8eYYHk35cAL0Wob4cTEMR4ivB0aHPVS1ByBv9-_9VoTpi2R63msaHlNBD4epLSTLRYp5n3xfLDsa_iIpSnVRTMmS_7-r47vaXc7xlWxBw8lXPQbfee1Oe1Q-vwlERIZgcgtnMtKSiKz_NlkYK8IcWJHTmiCNgTlfm1mJ4zU531ypiHpq5Md9-HmL7pOCc_IVuHgqMyReS-PpMONyE7Ry7hQZKQkF9SFyshnW8N8YkyCOyq8nmmBCaTJRh3_Mfkn_klOyCYCN096G7Yw9LzIxos4QzLFLFqCpb9DVh_TDfOgdMh4M5Vt3tn_fvGFdNACLeCA0lfWJwSRGSKQg-wsDJpTiKm5Dlv4a9bIVkVCgo6JCvLObsl8WPIufkwFJBuc994XoJLM5XS5UpWU7HGEyDJipJGX04NR93YuiTsO8EQIj0NCZY5Gkv-T6-4r8ZpRom1dbVHm2XRj8i0y89XNXjk2X4-mD_WWvHRSFKpQbqvsO5sWUfF_4nbcLcChlpr-B6kPikE-iapSrh67eqCzL8Fr15V8AhRvuQvZRLKfOHkjdDL8xW8oMVchY5aII_9I1aZp7O0E9EVC8Hg77sOTU22rbd4erXSBw2i4YzhM80DLsDXnwJBOFOBAoPE9In_rKYG1cVGfDYMmF-3cHxbqPoZ4SVLU-M7Fx4FSNylLQbKFoYBto83HllJsehMZa3PtfYLT99D-XfCDBuQe_zDwNp8HJIEoVKjP9Rjo6nTkuiSyMpMMT2r7hMStZ7IJlLp4QC1pwowNtD2OglC9S2IDifeKVwM_-AhvjZKE7ZgQNXAujQ%26c%3D2db3b474%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2F2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Tue, 20 Jun 2023 20:03:51 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Tue, 27 Jun 2023 20:03:51 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C7A 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:55:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:55:48 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0A1 0
19 B 90ms
90ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2B45JQaSZI6pF56YrtoPsPmiwAafgNjecKH3_fe4Ef20iuegCxABIO7F-09gleKQgqAHoAGQxcGBA8gBAqkCd5HfLc5Psj6oAwHIA8kEqgTvAU_QhLvq8qkkAhQVWfcrAHLIGhhO68y2oKzKln3_8X7vGQTECwm2OxQy1m-bKISumwb_DFulwil16D7DB8Rt-2z2vUSrJfD_PtjgmwJmUOLQ41d4KLN8ttWfB-NVhSLiVGoSX_T_y9qvAF0kEr9w5h3awuOaI0Zbnus3G5edHdjSDdRt3_7xNtVjEmRQRVWJpHQVUbc1PGvFIEhf0bM-_pHylBAHoLi__wZ0w6vppyMhyzsz_4pczeXluK1weE-fUAYHMeGy1nDRB3mk_Vsdx97uiY_LVvGPp8u3bQ2I-Q7pQbX5P3hwzPdeRaPfM_aXwAStuZiOqASSBQQIBBgBkgUECAUYBKAGAoAH2Lq-fqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELaeAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDI1NDA1MTI3NDE3MzU0MxgA&sigh=3aSqKteh5Vg&uach_m=[UACH]&cid=CAQSGwBygQiDIhU27rSorWvpwlyswhjm8ab9D8KAKhgB&vis=1

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Jun 2023 20:03:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D1B4 111 KB
39 KB 142ms
38ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22257
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/ Frame D1B4 11 KB
4 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CebmFIxM_RT1jL6kIwTWbiPmWRNYCFVqxR5BzTzgdlqhrCi3CknJFYZ34p0158R-byPP_f-bzxKPq1w5K7b-RYebGs165vKq5jflpUQ1FxUC0Y5mxHwRaUaVMaJBp1tfX0VFVJiCW8QDZWGmUMFvwMkuWEE5RXjJHvvi-B52pniIyGYHo&cry=1&dbm_d=AKAmf-AAjTkyHd4ePC9KsuqDn1wrjWz-ceDW_IPrbA8Z5ztphqu5u68OzKvScslq2liYQAUtP9FPQkwjOd5cs1PGvUIrCYKoT-BJmYJuSjEEIg114LXhINZ2o9S16wDKFl0Z6wkOhhRZNYptN0xY_jZNLmOXxWNNA5-oeUEAX71018kjI7oMa1OOh9_N-K49PlzAgW7wQaBjcN9aWZD9qTkCXwbapsvj7AB0w4SmfOewEs0oG0tm7NwBRshMQmSqdl0ui3gpHnEtpGJQ30-quqNd-8L7SVormriy-tJK0bBdGUKPJQO2Za8P7aDTfiqyp2Kmwc83-X2-nweox4mgyBKHVJBm-eUOwN0YWECQQ8Xnn78SdUCtvaUC2KPYgez05K5XUx-BJl8PChHp-HvvvLnagkrMxx7M8QqB-PdGHyTvNAaWWHV-jJR_xgfVhek7tfvfdRRjJtFBuNvfoygV1I-ZNNRhbBOuo_oqNIlYgcBT9Jya-gCbBQdpb2i_ybGp0_aQ9iohQLRq0bsKgD3u6ikegzFd_o227CaZSx4MskFKmEQxpsdQwWUYjfios4Id8RakUSncOWBs9sKA41uE7s-N2dEAk38YD1mvzvItjqa5e0DacTWna-fQdNz_-QTFVCSWSqH4y4ueXMBJPcABNWiyyfgeOJzoukjI0TjDNfUxPDy11ruZ7zmUbWYzJxDMZbjz1lw89gky9UqEBb8Qdzd7kg13dUMaWS4Cc1IhbPSEuwnmTTKLgZpf9a8fXnfLVfZjv9V9LWqhXPHmEOmeNge9DOvS2F4DJXEtNlKpBl-qKQczy9Edepl719EkZ07_jPi53lz7OtvhotCp-nZCdnEQst3g9J0n2WWkI-z51sWGdpTZ_BhNITUKxhLdlA7pxdgEebpBxse-8eSefPkvOPbVaBtPpDqMPGDTFC-A6v2R80AQEhQjUfy5MhlJ5awBwZA0flOq2NZ8-CL01GYeO8MrKqJEtpUiHIxg-pEaREkocPF1zy5emQ08NvS7t1zpK5P2o_Nu2BJHznVKk4PfBmqPpIkGoPhsiX650M1-PVQxt4slNeyzPmwClJYJvv8fgwmX3yNDSE5rtl4SFWFzodyWB_6uvio58hgh8ANnOVt0qXzw6GAXGoicOPqc0E7nJpTDs4Zp2PRS-V8K64OvndOYT5qcWHIsE8_GKQVuB1BIgb2rNpxtoJoWZcQ8vlLo_FuJa3RXlWUsUi75a-dkQ46W6TUJL4wCNbKGCnVEyht-2kOlfng5P1yJSifg10gVvEDvz4-3xmvLcudgNTCoxxsHCngLDOAepMOdrJ-hiW-s1iHTLnyORXijmMqwK9FWmnGqASEBkMhDouvnrGzInvN3_Arg-BE6MyvbQc06sq6ShTj5u-AyqCWBIGbneSS7WXRCwAZwwCOpsUd0ZTdEE-NtYs39dosALUNl5BNMDJNFTGrxmz0nH6Eqi9OxQKyu6NjIJxxYaDVJ1n61ptHiMrd51l5wfpihDUEf4_-Yk404bCrJcA0wIW1TXPAEqxuo7d3nIGVU2ogDDV-uo5sxO9pOBnfUWmxJjbhCn9RvZxechSYWIiyKpUyCZE95ZAwtLT7aY598cSFsJkD0F4dSCs9w2dlASn3_IpgXmNWb9hNxhwJp3-rbu3MDa27RNImE-X4ul7xLkwnbBO2vN6HB3j1tJM4FOuf1WebjlZ85amWF3sXbXUcHTxJ1NdlhaJbvSt0nEMDYSFecTURuLos0uuZaKwVRuCErz1BADh_xe7diOnbmydCDnv-R9yS82LODyz0i8__1VusUMm4MyOEJ6zGT6wYk06U_NoBL39nuT12P_y6q4oGoYgiv7bwZ1Bu4DhR_7uhZHmz0oMUinQi_RRRGCipxfVxO-QhRCm_uqhwQaFAk4CnrZ1W32brEQCjFBTdok8oJu4F7zYQHLO-CISYAZeU8v4jKhZrFqg_V-Mhr_DyKrg7iLDB-cADykA1GPHOPNsAAkAVo-qNJpMDEs02IQ0joBBRdWP56s-dkOfghhEXtGmOP5ltKghy9c3VhGSMVual2wuLh-3zNLcfrCoA-MB1O-YArnu-Dj0olfALDdOfWjus8l-MgIpHECayXAQzlna2vaKuqjA2o3haMGBGj2cDYZIA-ExzXUJIki2RGis5t-Hny9d38IM3ZaDg5DSKcv2fS4AOx0YvRhRkSh5ibh7ZkMGG5gPuBLw9KW71ZAXbY2DZvROAL96Xp-zjYRMsgpioMIPsb0DB-aJUkGWGZNSL1987XQGNqdBjWjOrPOxHAdBQ-pE48sHqWJ2FjNrTldY-FjNxK7cy9PjEXu0eh0hhxkv_QH_Kzx6I5Y8JBBZY0mePOdQazhDnbQJeDexMGb_k5GI-ADpuMmhn7v-tvqbwo3_wyCtIoT-BLZWVAjGQQDBeY9ahBhkG37iRxDU7IHZhP0crRexW0a4tVSVs1lEBV7mgWA8wLcBlSdItOIxcynsga3udDNPxzMhcNAAvM8U-G_HYOrTdzUKnj77CQKF8nuZ7jLJ691wulbmuL-2o4Xdrs7wy5onG71V21cgkXt0ZrR8LkDiRrBiPR9IKJETaFmttaJdwC79dMdlPlMxqzu7Hqcunsjk4b1dJBAnFdqLWcNGv4xgBsNwSDUsSgPvskjIczMhGWQv5MBtxbsasPr7VbZ2bEyvFTzZjwgwuBVfCkMqLjcwy8oI_heSQglNLNCdiQzcJlGQiF-iJIEVA5Efr7f0oadzCVmovp4VrnRvMmOX3-ZcB0hS23uRR7lrDLoCsKwy8SRS3oHYIatMGRePLB0G8UxDe5Ma0VP0vLqU0wAAZAySADbAGikG1rhBJyT95_Zmt_LHIft3vLaiDNJX8onlnlcW-Vna_fxXkJ3a6cQAW7Gc8BcFUtaaB3XUGG66xcDhCHQWoR73NubOocK9zTa61MY7Aw-GkzGXVLot862StaTMzrriEoZ9HpDIljQ76hLb4VBXlb-_leR-6DWjze_wQ9244urOWb4TEUj51zs0O-Glwyzchl6SQfjUtoMavZDpuM3cqT2VibIZBSsr_b709iMUeCFdnz1zyePLzua_Loyrbmz5ItshZVh_kI1qGQPjQCj0X-xEss0PjgU1PXUWjCCuYuw5krF-0Q-vVjEAg13anez4G5fqZ7kjcP3zXNiTNIZtay0lvHUknm-Br6pKiJ-1_Z8mIWhKA4CGXJs6cdAcsMMCZx5GO7IKj3UQyZ7woYPYRnourtJi6iIRPhCRqNtuupfHw10bziC8RfElUPYguCmI_R8vj8yI21KML2U8SLiJpnK3YCP3Wes1vdO9I2GlGwnn-zotwM-heZfLae3Nn6bQYPeYY01bL3Gd7R_0sy3JF4J1Zlb_R1XDK66N5-VESKVdv9ZS10CJvkhdMvrLNAbGUQKHgw4xlELC_plJijhENvuQk5fU4oJgBqxJvHOZRe3JsZ6QUBJwGDH6Rt&cid=CAQSGwBygQiDIhU27rSorWvpwlyswhjm8ab9D8KAKhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fvictorraulrr.info%2F&ds=l&xdt=1&iif=1&cor=1246819333230510000&adk=2935317967&idt=112&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:21:36 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame D1B4 29 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6977ce9520f2f65449534c21693dc8ffe2b30b3237f2eef6838d6dfc38187e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11383
x-xss-protection: 0
server: cafe
etag: 11247298741758554759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D1B4 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ Frame F8C1 43 B
79 B 111ms
110ms Image
image/gif 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e001362e9c53ceb43899c9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714793d75066f578afe6d6e54719bd488ebd39e821da61c45085052aae2d05f91e4604289e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82d1c08f77f6aaf93117aefdbf864ec57a917f0dd07c74cccd17cc22a2984db7299779ac0baa2deefb51c23a47ab2edaf7c5067bf826296e040e7421404d55c5b8281d79a81b2c527df21d6deedc85ec54d5814aa5f0ddbcf914f7786eb74fa00b3c916c376ac2f44190e9e66bc0dda9dff2eb8d66ec148a7c19ccc7780191c2dad5e12547d4e7a93fb35e11580c8d320f7cf61a69177dcd5b8a57dd9b4b658603299ea5a43dfa70a5505b8e9ef39f366cfa915b1b477e12de468ca0dca4788f523844b71b1f8d037626a7f02370b4113aafed4288f5ea816111d6da9ed118ada0654bae583a8a07e96b8f6f687e4bdb31e1e7fa41994bc587291013909dd085c6d71f779a86a1ac0eddd608969cb388dab2dd1a50e9f7f133c23047c0f81c6e4d9516747c90a4f87a7aca9acd8011794b1a16fd39e6171dcce007f3cbbd78c1452e862db1bc644b42d9156998d46e4a871a28982d2d5&cb=1687291431336&cri=HzxmF7XWdf
Requested by: Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C76C 42 B
64 B 140ms
140ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZBdvT0X_d7uFRSNrschykhdMKthWEyVq89_0aB9hE01gTOGKwQc9T5n8nod0fknU85VYdaF-CdTq3oczd2NEl4x8clDYBcgWwP6XwC9GEihLs0cy1u9ozq0CZ-glji9UY2p_Mp46wPMxe&sai=AMfl-YT4JPqcEWApVBxgtZGz8KWx4gKD2aX_Ok1DUL_9bN8FPXaAlQpNShBAYTivstxYkj_HxFIzXnBF3Vf1&sig=Cg0ArKJSzNjzitzL0GwREAE&cid=CAQSGwBygQiDVq7i5XpJIsREKh5JP9wFwTvOf4kxRhgB&id=lidar2&mcvt=1062&p=0,0,188,728&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=594043572&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687291429204&rpt=1179&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK report Show response
widgetmonitor.outbrain.com/WidgetErrorMonitor/api/ Frame D451 2 B
261 B 382ms
93ms XHR
application/json 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetmonitor.outbrain.com/WidgetErrorMonitor/api/report?name=obm-PixelLoadingError&version=undefined&message=%7B%22url%22%3A%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V-RTIeKNWXBLszONrIHjS8h0F6JGBX_m2bLem2vbDRWPOYHfo7uz-G46_p-p5rKG1gMqYnO_VMU-UBnfg4YApy3WwlxH3n72tdnHRX2NX2GRvJRIV-wca9jEv7T7keU5yEV4YzwVT6HOStbJM68GLQP4BTHztrj78qDtq25-4rnqFdcLjSy1GPq14NxKQtcHpiSCAiowaqCKNqCXREF0el-JHejDILGa5V_5jWwqGvZtTgwXKo-ZQgTlHwO4DuZU0aEf_-kWmom2gKyYCweMr_FxlFTit84dqjClRavzCHJK370gy-kLEWKT_FdW9q55U8vJUxQ8GnRGG5LxWcQ8oP2Vwr1yxflm4hN8Yczp9clIlY1v7CipEVHe3qfskqx3VgyClaZxTK6HF7Zrwg0BnCoIiLV4b-BmSY9luV0w4wz7rsXhia_wMFwvnUEjskYdZN_yKewAh3Q7lvMvLjhYXlzVsN9eP6Rj8emK95Jkq0VMugGYE08Oz8IHawAkGM232YMcPjO6Hv5fLk656mIbFfPbiHng3iIsbSc6hNPsdq6at7u-hz95PAO6yS1WeuqCsjCCoSJOCtuRy5nrMS1U4OtMnoa3hkLcMnPQVZTbKR7mgro5wCIW4X27A8_tvXuACCkTx3q25r6gbcVIjw7NXN1sp01W3CfiAcMwwSBWTP9TPOa0_TdAOCuzKTwrSlZ-_ygwvR4nICdg4vUqjH6NL8eYYHk35cAL0Wob4cTEMR4ivB0aHPVS1ByBv9-_9VoTpi2R63msaHlNBD4epLSTLRYp5n3xfLDsa_iIpSnVRTMmS_7-r47vaXc7xlWxBw8lXPQbfee1Oe1Q-vwlERIZgcgtnMtKSiKz_NlkYK8IcWJHTmiCNgTlfm1mJ4zU531ypiHpq5Md9-HmL7pOCc_IVuHgqMyReS-PpMONyE7Ry7hQZKQkF9SFyshnW8N8YkyCOyq8nmmBCaTJRh3_Mfkn_klOyCYCN096G7Yw9LzIxos4QzLFLFqCpb9DVh_TDfOgdMh4M5Vt3tn_fvGFdNACLeCA0lfWJwSRGSKQg-wsDJpTiKm5Dlv4a9bIVkVCgo6JCvLObsl8WPIufkwFJBuc994XoJLM5XS5UpWU7HGEyDJipJGX04NR93YuiTsO8EQIj0NCZY5Gkv-T6-4r8ZpRom1dbVHm2XRj8i0y89XNXjk2X4-mD_WWvHRSFKpQbqvsO5sWUfF_4nbcLcChlpr-B6kPikE-iapSrh67eqCzL8Fr15V8AhRvuQvZRLKfOHkjdDL8xW8oMVchY5aII_9I1aZp7O0E9EVC8Hg77sOTU22rbd4erXSBw2i4YzhM80DLsDXnwJBOFOBAoPE9In_rKYG1cVGfDYMmF-3cHxbqPoZ4SVLU-M7Fx4FSNylLQbKFoYBto83HllJsehMZa3PtfYLT99D-XfCDBuQe_zDwNp8HJIEoVKjP9Rjo6nTkuiSyMpMMT2r7hMStZ7IJlLp4QC1pwowNtD2OglC9S2IDifeKVwM_-AhvjZKE7ZgQNXAujQ%26c%3D2db3b474%26v%3D3%22%2C%22advId%22%3A%22%22%2C%22numberOfPixels%22%3A%22%22%7D&env=undefined&url=https%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2Fexternals%2FobPixelFrame%2FobPixelFrame.htm&referrer=https%3A%2F%2F2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com%2F&agent=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F114.0.5735.133%20safari%2F537.36&stack=undefined&errorEleUrl=&pId=&sId=&dId=&ren=undefined
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Famplify-imp.outbrain.com%2Fpixel%3Fp%3DMW1qguY4qimC59ZgYvg-V-RTIeKNWXBLszONrIHjS8h0F6JGBX_m2bLem2vbDRWPOYHfo7uz-G46_p-p5rKG1gMqYnO_VMU-UBnfg4YApy3WwlxH3n72tdnHRX2NX2GRvJRIV-wca9jEv7T7keU5yEV4YzwVT6HOStbJM68GLQP4BTHztrj78qDtq25-4rnqFdcLjSy1GPq14NxKQtcHpiSCAiowaqCKNqCXREF0el-JHejDILGa5V_5jWwqGvZtTgwXKo-ZQgTlHwO4DuZU0aEf_-kWmom2gKyYCweMr_FxlFTit84dqjClRavzCHJK370gy-kLEWKT_FdW9q55U8vJUxQ8GnRGG5LxWcQ8oP2Vwr1yxflm4hN8Yczp9clIlY1v7CipEVHe3qfskqx3VgyClaZxTK6HF7Zrwg0BnCoIiLV4b-BmSY9luV0w4wz7rsXhia_wMFwvnUEjskYdZN_yKewAh3Q7lvMvLjhYXlzVsN9eP6Rj8emK95Jkq0VMugGYE08Oz8IHawAkGM232YMcPjO6Hv5fLk656mIbFfPbiHng3iIsbSc6hNPsdq6at7u-hz95PAO6yS1WeuqCsjCCoSJOCtuRy5nrMS1U4OtMnoa3hkLcMnPQVZTbKR7mgro5wCIW4X27A8_tvXuACCkTx3q25r6gbcVIjw7NXN1sp01W3CfiAcMwwSBWTP9TPOa0_TdAOCuzKTwrSlZ-_ygwvR4nICdg4vUqjH6NL8eYYHk35cAL0Wob4cTEMR4ivB0aHPVS1ByBv9-_9VoTpi2R63msaHlNBD4epLSTLRYp5n3xfLDsa_iIpSnVRTMmS_7-r47vaXc7xlWxBw8lXPQbfee1Oe1Q-vwlERIZgcgtnMtKSiKz_NlkYK8IcWJHTmiCNgTlfm1mJ4zU531ypiHpq5Md9-HmL7pOCc_IVuHgqMyReS-PpMONyE7Ry7hQZKQkF9SFyshnW8N8YkyCOyq8nmmBCaTJRh3_Mfkn_klOyCYCN096G7Yw9LzIxos4QzLFLFqCpb9DVh_TDfOgdMh4M5Vt3tn_fvGFdNACLeCA0lfWJwSRGSKQg-wsDJpTiKm5Dlv4a9bIVkVCgo6JCvLObsl8WPIufkwFJBuc994XoJLM5XS5UpWU7HGEyDJipJGX04NR93YuiTsO8EQIj0NCZY5Gkv-T6-4r8ZpRom1dbVHm2XRj8i0y89XNXjk2X4-mD_WWvHRSFKpQbqvsO5sWUfF_4nbcLcChlpr-B6kPikE-iapSrh67eqCzL8Fr15V8AhRvuQvZRLKfOHkjdDL8xW8oMVchY5aII_9I1aZp7O0E9EVC8Hg77sOTU22rbd4erXSBw2i4YzhM80DLsDXnwJBOFOBAoPE9In_rKYG1cVGfDYMmF-3cHxbqPoZ4SVLU-M7Fx4FSNylLQbKFoYBto83HllJsehMZa3PtfYLT99D-XfCDBuQe_zDwNp8HJIEoVKjP9Rjo6nTkuiSyMpMMT2r7hMStZ7IJlLp4QC1pwowNtD2OglC9S2IDifeKVwM_-AhvjZKE7ZgQNXAujQ%26c%3D2db3b474%26v%3D3%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2F2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Jun 2023 20:03:51 GMT
Connection: close
X-TraceId: 8af4ffbd8163985977280a0cd15f7eba
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Length: 2
Content-Type: application/json; charset=utf-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 36F8 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Domes-Noruz-160x600-DE.html Show response
s0.2mdn.net/sadbundle/17193030867716495342/ Frame 4570 6 KB
2 KB 117ms
38ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f24a910b3b98e869cb192db4bf50c68ebb6ebc850f8cd7c8c1064be104e87818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 385110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2352
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 09:05:21 GMT
expires: Sat, 15 Jun 2024 09:05:21 GMT
last-modified: Tue, 09 May 2023 15:12:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D1B4 0
0 226ms
85ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZ6lj9zY3RVTE2vqYbF5Y7-eyx9neq6Kp6KHYdD628aWeK4DTVVxYjLMIi7KqTjzL25LIMPN6BpvHJ2HUHjC-hHS0WMuDSN38CwV_JyOTt9xLPLzW7Ma2DEuRxIGH5St40UOgYd9G-Qzzx5Q4xSHB8Ux30zAni4SF249Br38sVFY_I2dIGOHcxkewa_dvzZTGqZ4q0BkADZFHbDpgSh6d_Lo8HVNo3MfsJLnuHAuM3gckvywUc8pWBBQsO6dx8ERYhhuwyi3kQVbQQnyvUmkHMI2xOelHUtAnFz2NqQMQhhv-6AaW59fa6fjdyuPSWMFuEqBF97gJDS8pirNzDdkdZcuyem2-q2h_c_vEqXPtFTAScv7egz0MHW6e0mhZdBwVHMyP9m3TPSZ84c2E8gjD7O32QqB3fb5X7KrEG-tu74yahMVxN2UMl3tT3jNrcYrJMyHZ_arCBX8rB5unNUXzYDpuHU_u4iuV62Sb-ltt5YcsBhtBgzQPEg8TcLu_UTYwmBH_s3mskCft1T0gPJwOtpKXu4jlEhWx1dDZUtPD0V1mVuZWxky0wj7d0aLP0EygApIoAhoEQK9bDV_jDcNyC5pea44cL8zvaLJfCo_YPJzZsisJdNuWUxRIUfwnZceJahNsXuNT3AqSdQiDKLS_ZkaDa_u_jBQEZFUHEvd0ecN0URMk_EDaN_Mx8Psx40I1u9t2dQY0bQrNOrQ5cZZknOt2Fe6bBtdQYyK5M0T0vIRNtH3sE1AZQDo5cB4Nvyucd4W69UCnfe54Y-iCIzpVkTu3X3wCBBMdW4vSii8arwolSrHfCQB6VIhjSL9GeE7xt7IFv0Dcbba9ikdUj9HU4X3GssvQar93XP7OTBilgsQlUOzC8OhUBpGfsSCEjgz9hpf1UeSzkeIOx_JkcS3XvRY9ZM7TgzYZQ2s8ra7O71hm7UuTg_ebSsxQjDF3bvmeGdq-GV075ufwUhQcIQ-c6wFP4EiGKJN0x0KoviAcC1Tk0qJdeerJp9FA8W1pGE3ad-pzOuOpn4DZFTL0a12FgWsOlKQyDbnS-KSGIlztewBT3eB2SNrmg5-RMO5-Xoa3fBIj_M5Vhv67YWTgA9WwFxrbDzG5w5hkuKo83Txq0qrTSdR1vYnUbwIu0POkwxnL4S-vyNSpylmvUlq3fZVKFq__C0onSlOk86F2fRSdBnsu_vJRvtsGWKMSNeISuT9Y&sai=AMfl-YTZj-BzRasu8NGNfCuUOLZJXnDFjcE0KrVOAq_RMuSDy9ibULpu1QppjqC7WLN5IE8B3_n5qYE3p5gfX7DbyI4VRMLB77EhCNjgjYA16tttX7Gw0oO1GK6e5FD13hgsp6n404guWv8aT7BaGB64r-GGVzVKce-CMaRMQAVFkMBP3BntWxQ&sig=Cg0ArKJSzHv31HiSeTPtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=209&cbvp=1&cstd=205&cisv=r20230615.07097&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Jun 2023 20:03:51 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 20 Jun 2023 20:03:51 GMT

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 1898 37 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:55:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:55:48 GMT

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 36F8 37 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:55:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:55:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 95E2 42 B
64 B 140ms
138ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJlbnTb_prAlZcgfbCvGMRa74P2by0ru70nmVwwzEpkgHOupgo220HKQfeF5RhHZpSUh4FUs6wAGu7S0rFgQjLbLLo4zs17h1dMQQvi5aEeM7Kfn3Km0_1Wmbg9pA3XHQJumGrWLKTfwrF&sai=AMfl-YQrvnUwkPRhklbMpeS_K5FYkzAcNNXBnUeg-XzWMG--lGN36-vyPDGzZ8PlCIRsTZ8HoczBiobHgdm1&sig=Cg0ArKJSzE9-Pebvpa5oEAE&cid=CAQSGwBygQiDJCsMyo9MGXMedSobCCpgioTOZVL3eRgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=269421795&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687291429220&rpt=1365&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4570 236 KB
63 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Jun 2023 20:03:51 GMT

GET
H3 200 Domes-Noruz-160x600-DE.js Show response
s0.2mdn.net/sadbundle/17193030867716495342/ Frame 4570 51 KB
9 KB 39ms
38ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db8e364fb51fad369240565dec4060a6fd4b59ae8b5ff7446feaf000bab9f198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455084
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9223
x-xss-protection: 0
last-modified: Tue, 09 May 2023 15:12:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Jun 2024 13:39:07 GMT

GET
H3 200 Domes_Noruz_160x600_DE_atlas_1.jpg
s0.2mdn.net/sadbundle/17193030867716495342/images/ Frame 4570 2 MB
2 MB 40ms
40ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17193030867716495342/images/Domes_Noruz_160x600_DE_atlas_1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88414148b0c9c47c37aee3e2c3b5a22dc37cf2255e064d237bba9fa86782f6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 00:12:54 GMT
x-content-type-options: nosniff
age: 417057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2138057
x-xss-protection: 0
last-modified: Tue, 09 May 2023 15:12:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jun 2024 00:12:54 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D1B4 0
0 76ms
75ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZ6lj9zY3RVTE2vqYbF5Y7-eyx9neq6Kp6KHYdD628aWeK4DTVVxYjLMIi7KqTjzL25LIMPN6BpvHJ2HUHjC-hHS0WMuDSN38CwV_JyOTt9xLPLzW7Ma2DEuRxIGH5St40UOgYd9G-Qzzx5Q4xSHB8Ux30zAni4SF249Br38sVFY_I2dIGOHcxkewa_dvzZTGqZ4q0BkADZFHbDpgSh6d_Lo8HVNo3MfsJLnuHAuM3gckvywUc8pWBBQsO6dx8ERYhhuwyi3kQVbQQnyvUmkHMI2xOelHUtAnFz2NqQMQhhv-6AaW59fa6fjdyuPSWMFuEqBF97gJDS8pirNzDdkdZcuyem2-q2h_c_vEqXPtFTAScv7egz0MHW6e0mhZdBwVHMyP9m3TPSZ84c2E8gjD7O32QqB3fb5X7KrEG-tu74yahMVxN2UMl3tT3jNrcYrJMyHZ_arCBX8rB5unNUXzYDpuHU_u4iuV62Sb-ltt5YcsBhtBgzQPEg8TcLu_UTYwmBH_s3mskCft1T0gPJwOtpKXu4jlEhWx1dDZUtPD0V1mVuZWxky0wj7d0aLP0EygApIoAhoEQK9bDV_jDcNyC5pea44cL8zvaLJfCo_YPJzZsisJdNuWUxRIUfwnZceJahNsXuNT3AqSdQiDKLS_ZkaDa_u_jBQEZFUHEvd0ecN0URMk_EDaN_Mx8Psx40I1u9t2dQY0bQrNOrQ5cZZknOt2Fe6bBtdQYyK5M0T0vIRNtH3sE1AZQDo5cB4Nvyucd4W69UCnfe54Y-iCIzpVkTu3X3wCBBMdW4vSii8arwolSrHfCQB6VIhjSL9GeE7xt7IFv0Dcbba9ikdUj9HU4X3GssvQar93XP7OTBilgsQlUOzC8OhUBpGfsSCEjgz9hpf1UeSzkeIOx_JkcS3XvRY9ZM7TgzYZQ2s8ra7O71hm7UuTg_ebSsxQjDF3bvmeGdq-GV075ufwUhQcIQ-c6wFP4EiGKJN0x0KoviAcC1Tk0qJdeerJp9FA8W1pGE3ad-pzOuOpn4DZFTL0a12FgWsOlKQyDbnS-KSGIlztewBT3eB2SNrmg5-RMO5-Xoa3fBIj_M5Vhv67YWTgA9WwFxrbDzG5w5hkuKo83Txq0qrTSdR1vYnUbwIu0POkwxnL4S-vyNSpylmvUlq3fZVKFq__C0onSlOk86F2fRSdBnsu_vJRvtsGWKMSNeISuT9Y&sai=AMfl-YTZj-BzRasu8NGNfCuUOLZJXnDFjcE0KrVOAq_RMuSDy9ibULpu1QppjqC7WLN5IE8B3_n5qYE3p5gfX7DbyI4VRMLB77EhCNjgjYA16tttX7Gw0oO1GK6e5FD13hgsp6n404guWv8aT7BaGB64r-GGVzVKce-CMaRMQAVFkMBP3BntWxQ&sig=Cg0ArKJSzHv31HiSeTPtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=479&vt=11&dtpt=270&dett=3&cstd=205&cisv=r20230615.07097&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: victorraulrr.info
URL: https://victorraulrr.info/descargandoapp/7rCE0m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Jun 2023 20:03:51 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E7C56ACCB52C426682A5BF349DC5F2BB&RedC=c.clarity.ms&MXFR=0403B92BDA6162C62DF7AA1DDE616C00
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7C56ACCB52C426682A5BF349DC5F2BB&MUID=2411774069D463983F26647668D46259

42 B
442 B

27ms
27ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7C56ACCB52C426682A5BF349DC5F2BB&MUID=2411774069D463983F26647668D46259
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D165A5E511834690A56EB6C0A37E8E1E Ref B: FRAEDGE1820 Ref C: 2023-06-20T20:03:51Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7C56ACCB52C426682A5BF349DC5F2BB&MUID=2411774069D463983F26647668D46259
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 90ms
90ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2756e7805b6499ccf30910b2cf286e164800eb818d6c216b101d890bd1765fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11209
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D1B4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b8b024fa26af55f380d26b9f4caf3b4845764d45b71a8c4619a7ad1ba637326

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 370F 361 B
689 B 10ms
10ms Document
text/html 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-length: 361
content-type: text/html
date: Tue, 20 Jun 2023 20:03:51 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1687245994.554195"
expires: Tue, 27 Jun 2023 20:03:51 GMT
last-modified: Tue, 20 Jun 2023 06:50:48 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 370F 3 KB
1 KB 12ms
11ms Script
application/x-javascript 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Tue, 20 Jun 2023 20:03:51 GMT
content-encoding: gzip
content-length: 1004
last-modified: Tue, 20 Jun 2023 06:50:48 GMT
server: AkamaiNetStorage
etag: "93810123e74a13415e8cdd22e8c62d31:1687245995.168478"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Wed, 21 Jun 2023 00:03:51 GMT

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/view/CC65DUJWUG56G25Z4IQSHO7KE73VKNACRDSVEZRDGKIE6F3RBRB7QBHXI7FUKPDL5NC6RFPPTOEG7A6TPEI7NO56CPY77YYGONHYF474SU5O4J7EGQTCYND2AOJF6RMY6GUCKFVIDF4MH42RAO26ZXYVUHABG4BG6HI6... Frame 370F 26 B
127 B 352ms
86ms Image
image/gif 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-nydc1.zemanta.com/t/imp/view/CC65DUJWUG56G25Z4IQSHO7KE73VKNACRDSVEZRDGKIE6F3RBRB7QBHXI7FUKPDL5NC6RFPPTOEG7A6TPEI7NO56CPY77YYGONHYF474SU5O4J7EGQTCYND2AOJF6RMY6GUCKFVIDF4MH42RAO26ZXYVUHABG4BG6HI6DB6INIPLWZUDWMGGJUX3FACE2HBLQAIGNKAMYH57BAINIH6NALHC7ASRNINGOU6ADLDSRHBDQAO5FC56ERBWU47MOG2LCBWKWVU3OTLH65I7O2V5CQ4DTW3MUZP5S36XRS3NGHEUJEGQ5STRD535EIIDK3A6X77NQWYLLSQDYDHQMSEVRFJYIXJQCMRCGUM6XLA/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Tue, 20 Jun 2023 20:03:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 36F8 0
20 B 139ms
139ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWehVJwaSZMDnDMeArATHq7qIAwAAAAA4AeAEAg&bg=!-vml-a3NAAaGYqkwpmI7ADkAdvg8WkTqLOV859mtn0q0rWcHUTqZEF7dmULDA_OF_MlBVWH8hLjkLlNBKBKZgKdXD4plXHu-CL0CAAAAgVIAAAADaAEHmQMpM2Kw7Gy803RFyzsJBI6VRIy50qGbqdcoy5vE-EkLdC2tTXI7lb3N5hmJTJdNonm7Eg08Fw3ZRdVL77nB4WPaaWrjrjsbO1_BKLGu-UnkWpSpOZIgYvZNXVVVIs4XOhXTEpQw3C34FbwF_Ax16EW3RnX7A0JxEJVD6VhmdxfMzA58dwfF3xrpVa57EQq6Qyxy9Lo7wX1wFfotBatkNW3w6JpHVcTd4Rg9Mxk7nCmHeQDkmZVXDSA9z6J2HQJ1A3gyfH17B96Z0O0xt6dLW7vLfKDR0WTsMBmfzS4m5zrmxzkrjHlZST2WgygBwfSwX6ZTldYrKhszS0mcvjbt_z7wQvq1Qw8Pn54jzzC3RIv2X5sIl_MObOvhUaDWpQFGSHM0aPrLZ0NOSvPryyMT4zI_seKForadlUH1iDu4JEL6geag3u2kFRVfXIiLpzHz_5oENEFj_B069EvCQJVu4xIncNTQXSX-ferUGHWxtyrZ2-VQr16WWTvMy4HLOyO2Pg1bJM3s_FrIajWkMxAkxQwkILiYqK7DNWJhSpSQZAr1flSU6jF-muqTtgaV7tfli0dIgwN4lXiIWzRLECqe6HDW2k4FDJWtbYR_agYGGdbd6R9arhFmp5yXpRF6t9sMt740ImGyiB8g3k_VVGnUg-pwXDQud3yWy9NVOV-RwI8YwescX6kV_PH_ikzSr6qY5iJnrxdxP_VzlDlzHa5Eq0M5oXn-o0l1dVSiPaAmRIyHl8q9w4zciurLb_c5aRLNQfThU-x49HYSJ2r-0OEdxe-ONhSSjxKqwhtOecBJWVyyCcRzkCpj2jVQU9Oif9bH7YmtELFHuzApUsvpdFSQu9ZXVhbNtprbzuwaGw9_gyN6tx2Ilcly0VYsb3SkrWGCfDnyFVa_X26TIcCvjeXWGa6vrM-lvoNH917ydlmIXRMl2p5N4EnRSwwmUTtzLHAkUvXZAwXZvZf4DAqzeG5vmbvHfo580G5ELIf9r6eZruCX9cIFz1U24ksV1ZwCT7NdL1K3re7mxvFU9NtAydXpbMNbxf8gNmIsoAkb61dx-L8nz6XG68xLPY4FNT8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 20:03:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3DC4 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:02 GMT
expires: Wed, 19 Jun 2024 13:53:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 11E5 783 B
534 B 48ms
47ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28efc9686298cf2acbcb036cda08631343b14c18cbef1a8e83d373722904a6b3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_YZ-4_pgHgBybzlXeelSRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://victorraulrr.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-_YZ-4_pgHgBybzlXeelSRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 20:03:51 GMT
expires: Tue, 20 Jun 2023 20:03:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 11E5 0
0 72ms
72ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306140101&jk=3691596726563996&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DC4 37 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:55:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:55:48 GMT

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
297 B 188ms
187ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://victorraulrr.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://victorraulrr.info
Date: Tue, 20 Jun 2023 20:03:52 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3DC4 0
12 B 37ms
37ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rXlDZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:03:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E0A1 42 B
64 B 139ms
139ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhZDbN6qXqcIWiv0SCHpZWgeIEPVOFXgIuYuncywbYjEmabr65yBqiNDD7nCbxE-_efKZjxkSGuBeVcwC8fzoWyILHEJdnSI2BvMyZYDmSIYzfDxL9wWBi_1cK-VE11VaR40RjoKAj8eR6&sai=AMfl-YQ4G76_DuP2QZkv220GGgJPFADjwzLo5hrghV14-7Vvz5_6X3m_lHPDMiyLTHRw7VvmA-xI9_nlKeFD&sig=Cg0ArKJSzGd09cEe8JTQEAE&cid=CAQSGwBygQiDIhU27rSorWvpwlyswhjm8ab9D8KAKhgB&id=lidar2&mcvt=1004&p=0,0,600,160&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687291430944&rpt=183&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F41B 0
54 B 80ms
79ms Ping
image/gif 2a00:1450:402a:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lj4pr4l1&c=7069559995773&slotId=3534779997886.5&qqid=CM3Pn7LS0v8CFR6MSwUdsLwIaA&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bce1e4c8408c77dcdd723b4c15e3df48.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:402a:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1B4 0
20 B 134ms
133ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5828970002007&version=m202301230201&ct=119&x=1&cor=1246819333230510000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D1B4 42 B
64 B 140ms
139ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfMS6aKNVDiWUvFLGxJMuLBiDAMqAF8S497cNRg0ypARzcozrNFVekApeWZeHl4cIN1T3ICMiICudSwS8TWCsCjcFvZyy_4H58lXDsQtLLRNTDWAGLBKbe5RjrKjztIFY&sai=AMfl-YTFEUVjqz0ZXBJBZ5YH3DToG8riq3OShpXrErV1nStAymZAteJAE81_w7W8pbeF1JDJJj8xb0t3qtU_&sig=Cg0ArKJSzF-uGG2pZqlPEAE&cid=CAQSGwBygQiDIhU27rSorWvpwlyswhjm8ab9D8KAKhgB&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687291431025&rpt=303&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306140101&jk=3691596726563996&bg=!6uml6b3NAAaGYqkwpmI7ADkAdvg8WvqV8tBgxiaUH7foqs8N-aEZhBJLkVWmr7y7j72DA4bSme5tHleERUmzDVNc_grdYNS3NUcCAAAA0FIAAAAIaAEHCgAm2NsKwZnmNrw4sruscb2H5V6208pH0B71PmDyrzZdrvDzNT3NVp6ZAurA1KjjCnZvoJ-jWNpE6mT1shO0mTKsOp9ohU9KfjF6wmhrkjuQ18Ok9NzQUKv5FNDWjoM8syqPOHQv74PqgyblWLWXsOXm4gP0YiLv7D3dVGWEKOzkzDU7jaaj8Um8nzqiOxzsVnGURUbBZUjIzAbp7kacqN82smlW-2eOhsDYEMcvX8Hd0_7OhmnAo3GsHfAPvgu88VEP3AFgXGX9lMjhHwqztYzyL97Gzj5MJdDUQ6tXP9XKQ7H2OLM7ar1yyPoSY0Tk-wNKnSpXZlejb4e4gT1saxUYusK9lxFKG8Zjw_LnEwiSqJlEf8mnlXr-GV2Lmd-juVHrWzzUd-lNlITpysY5X0aIIPpmMHc1EycBHsrkroFfORvO39l6X5HUIQonu4FetFzsEOLGTm1FlsjspmUl3B2HbwaoaC9YIp5wLcG_m3dBskfFgzQ73nG7Dc05C4vaIEUsC2UV25E4xs-xEv6Bxni4Fo8SVkMRhJQ1UfNEEQgESiM3Tx2DfiyTRJCSWpn8SSvu9c2aXh0TrR22nk0LCBZoZJ1V15FeJvCduJqw86RcXNlVKnL3Emr4G_4U7XS7WiDbdQTJWMDLamLBfTuoZgzETEgaaCXzh1dSxRWEiSTyEgzl2gkK5CrfROVydcRCvZ_K7J2mfxMLMwpOs78cMdlq1ERv9UXzvYTOLaTeIbNAA6JyV3t5qkkaS32HuxRWvX0SvksxG2ymv31gewEBzS5-uVjeU3XVDbMm-gEASOPSE4RTFjFjXN2W0tSnVU0k4Tsgrfm5Q669zKlwdCMBUsmeEmaqyRyAZSCaAU-AEI3W5vbjXDQay3TssMAdNY3cxcXh38MyZOKnKGa6pmseNeuMwb8KJgiffFtCaYJvKJua4jI-5ULZsyaty1NGqkVMSWBvs61pKSisf8g-ejSajzUYrD59qtREtfOAkgP2cjZuBYHCuQmXM54Vyrldnha0k8cvltFJJOrcHwzpYyKmZSlaDF8Bwg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ Frame F8C1 4 B
371 B 335ms
83ms Ping
application/json 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 20 Jun 2023 20:03:53 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e6956cceed658f9e8091c8122d91a8ca
Content-Length: 4
Expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 113ms
111ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5GHSG5YVH5&gtm=45je36e0&_p=185643862&cid=271670831.1687291429&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1687291428&sct=1&seg=1&dl=https%3A%2F%2Fvictorraulrr.info%2Fdescargandoapp%2F7rCE0m&dt=%E1%97%92%20VictorRaulRR%20Apps&en=page_view&_ee=1&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5GHSG5YVH5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://victorraulrr.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 20:03:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://victorraulrr.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
victorraulrr.info/descargandoapp/	1969-12-31 23:59:59	Name: AppSession Value: 7b85915299482df3b0b3b6ee11288268
victorraulrr.info/descargandoapp/	1969-12-31 23:59:59	Name: csrfToken Value: 48d797c6e3c5b323c8600eb51068662ffd129adba9625660be95735ab8aa63ad45cf6206443f8aa31b1dafeabc8606f61a0cdadaf82c3c9799afd2a92765b2f2
victorraulrr.info/descargandoapp/	1970-01-20 12:42:57	Name: app_visitor Value: Q2FrZQ%3D%3D.YmZlOTFmOGU3ZDc3NGM1YWQ4ZDA1ZjQ2NGRmZmM1ODFmMmVlMGViZjllMjAzZjUwNWVlOTVhMmYwZWYyNTUzN44dtM8UG3jrb%2FFF%2BLqqF1LPuoGEGuLP3UDgo5%2BlT6kEwfyatlAdszD7wqhEa90k2hWrkTNHcdZiXwC3lEq%2BTC2AWt71NqPyYJvgRpbeQjjf
victorraulrr.info/	1970-01-20 12:41:31	Name: ref7rCE0m Value: YTllNjQ4ZjhjMGIyMTNmNzA3YmI0N2E5OWY4NjU3OThjZmJjMDg3Y2JiYjVhZjkyMTUxMDM2MTU2YjBlYjhjY4zTTmbrrDJGVLD9T%2B9ou6iWZp310qmIMnI98g5igkNT
.victorraulrr.info/	1970-01-20 22:17:31	Name: _ga_5GHSG5YVH5 Value: GS1.1.1687291428.1.1.1687291428.0.0.0
victorraulrr.info/	1969-12-31 23:59:59	Name: ab Value: 2
www.clarity.ms/	1970-01-20 21:27:07	Name: CLID Value: 48b3413af60b4cccbc5342074d9d3f86.20230620.20240619
.victorraulrr.info/	1970-01-20 22:17:31	Name: _ga Value: GA1.2.271670831.1687291429
.victorraulrr.info/	1970-01-20 12:42:57	Name: _gid Value: GA1.2.1803096487.1687291429
.victorraulrr.info/	1970-01-20 12:41:31	Name: _gat_gtag_UA_150742105_1 Value: 1
.victorraulrr.info/	1970-01-20 21:27:07	Name: _clck Value: 1picnat\|2\|fcm\|0\|1266
.criteo.com/	1970-01-20 22:03:07	Name: uid Value: 2ea382aa-1ae0-448c-83f1-6875613f752b
.victorraulrr.info/	1970-01-20 12:42:57	Name: _clsk Value: utm0lb\|1687291429354\|1\|1\|e.clarity.ms/collect
.openx.net/	1970-01-20 21:27:07	Name: i Value: 470e7ba6-87ce-4b14-a448-50b406464e3e\|1687291429
.victorraulrr.info/	1970-01-20 22:03:07	Name: cto_bundle Value: o-kXEF85TFJSTG1pUkJ2NzNxJTJGanAlMkJNbldIcnZud0RTamVHRVh6c29IczZJZWdmRjk4cHlTYXVhVDYlMkZaTlduemx3ZG5xSjNHejVESnpTS2pZSlVxR09EVXlCUWdQU0xLNjRETGF2U3c2ZHNmaCUyRkVleU5NWE9RbFhvNW5Ta3NCcXdtOEZMV3pzQzd0TnQlMkZSMlU0clpYZmU3WFVZNkt0ZWdGJTJCMW9aclFhYyUyRkhxUlZXYyUzRA
.victorraulrr.info/	1970-01-20 22:03:07	Name: __gads Value: ID=e3b325081b72c4c7:T=1687291429:RT=1687291429:S=ALNI_MaRoq2R33_qrLC0IbliQnqIqxYckA
.victorraulrr.info/	1970-01-20 22:03:07	Name: __gpi Value: UID=00000c3157324d63:T=1687291429:RT=1687291429:S=ALNI_MbIiA-B5fOaU0-6yh1W9gOOk3VlvQ
.doubleclick.net/	1970-01-20 22:03:07	Name: IDE Value: AHWqTUmA7wS1lL9UKGvVq0f2CCoIzcM7dkBU8k8-KYlefoNR57za5XjyUFOpPm8zNPk
.doubleclick.net/	1970-01-20 12:41:35	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 14:51:07	Name: uuid2 Value: 3816059531100901293
.casalemedia.com/	1970-01-20 21:27:07	Name: CMID Value: ZJIGJ7OdKbF80cpq64VLHAAA
.casalemedia.com/	1970-01-20 14:51:07	Name: CMPS Value: 3281
.casalemedia.com/	1970-01-20 14:51:07	Name: CMPRO Value: 3281
.adnxs.com/	1970-01-20 14:51:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>?ej=S@!]tbPl1M>e)ZlrFUfJ+tGXxou:vJyx8z>Vp<^P%9Y4b%KAfD2fYvqTr)50y)bpRzqF1`b_AK+9kP
.bing.com/	1970-01-20 22:03:07	Name: MUID Value: 2411774069D463983F26647668D46259
.c.bing.com/	1970-01-20 12:51:36	Name: MR Value: 0
.c.bing.com/	1970-01-20 22:03:07	Name: SRM_B Value: 2411774069D463983F26647668D46259
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 22:03:07	Name: MUID Value: 2411774069D463983F26647668D46259
.c.clarity.ms/	1970-01-20 12:51:36	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 12:41:32	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2bdeaef654726f6f03f9c9d539b4f3ed.safeframe.googlesyndication.com
ad.plus
adservice.google.com
amplify-imp.outbrain.com
b1-nydc1.zemanta.com
b1t-nydc1.zemanta.com
bcp.crwdcntrl.net
c.bing.com
c.clarity.ms
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
e.clarity.ms
esp.rtbhouse.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i1.ytimg.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
odb.outbrain.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rock.defybrick.com
rr4---sn-5hnekn7k.googlevideo.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
victorraulrr.info
widget-pixels.outbrain.com
widgetmonitor.outbrain.com
widgets.outbrain.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
zem.outbrainimg.com
104.18.35.34
146.75.118.132
162.19.138.120
172.217.16.130
178.250.1.11
18.155.129.39
185.80.39.216
2.19.245.134
20.62.48.180
2001:4860:4802:32::36
216.58.212.162
23.213.170.21
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:2057:7a00:1a:ba5c:3900:93a1
2600:9000:2250:5e00:a:e047:753:be1
2606:4700:10::6816:3556
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:803::200a
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9b
2a00:1450:400e:2::9
2a00:1450:402a:80d::2003
2a02:2638:3::c
2a02:2638:d::2
2a04:4e42::485
2a06:98c1:3121::3
34.102.146.192
34.120.107.143
34.96.70.87
35.190.39.111
35.244.159.8
37.252.171.53
50.31.188.60
54.155.201.15
64.202.112.127
68.219.88.97
70.42.32.223
0621568cb4a28a5b5ddbe5b23e996cc1bfd2d79d0a98fabb9c030641bfacf319
0695beddad86b2879d1364908ed542ea22ae3b524ede62c30281e510f0875f67
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0ac569705152b86523abac49402f4352d3eb1b181808a8933dabfb9a83a8ecca
0b3646e0fa00be9c1cbb3a7dc1ad1d0348dbdbec5b6e023b012cf8e0d2927fe1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
21ee7f2ef72869019add72b96d7798bce20e6281b72fee271b7061a411e507e6
23add6f94fac4eff07e0bb6c37c541fc37a1b659516ba2df40e922bdce8b4e6d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2756e7805b6499ccf30910b2cf286e164800eb818d6c216b101d890bd1765fbe
28efc9686298cf2acbcb036cda08631343b14c18cbef1a8e83d373722904a6b3
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332b7916a31bf8fe29f642f556c7740fb0ca9dcddbed901b39539ead375e4b5a
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
347aa49788b3f6f662f316981e24cd4db0581e72eb250382a966879e92a79432
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
382887862afe1422a4b15b0bc254b6f3ae8f2291ed7f31bf5c4e41df0c7a3a95
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3ce53d1f901f9183b5f311cb21e679c23b258947e8dc9e453414ca6677c1d09a
3d54d6d54f23b847b7185721dfd5898e32992fe5ff16d1694c9a6664ac03d5d5
3f3f19a91993489b6d73ffcd539452bc07a9f58bb6d7494c3669364350ca8406
3f5b4934df224b49e485bea955ee7723fb362fd73cb9f2d5ccd9143f90bbb0c0
41f0f6e9abce97c5dc8366d88ba43460d877ef249ac1205e271220292f798b34
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4562d4b39602ab4423fc22ebced8e2256bc9845f9d95e89861975962a8c724a3
465bedded883d1291a79639e9537e2c41367e65ce7bcd9c009e8cbcd21a99920
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b4ace29590817c3c82da9dbd6aa29efd61ecfaf2f280c0b5f5d1975ea58bcb4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c216860f82a201e909b917ff2eca53e9787b05ec1fe5a69a0d4b994d95781c5
4c948488ecf50a8d54426c787c21b5f75b7d16e94bfebde87eec769efb616451
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57dd13dd26638e64ef851ae0843978a83988c818abb74f0ee1b8562f34c57cec
58d0a6c95ea93dadc50c215e562dd177ad7188d9ae69acfba548fc4cf00f2867
5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b
5b8b024fa26af55f380d26b9f4caf3b4845764d45b71a8c4619a7ad1ba637326
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f27ef1b11dfa390ba5f7954370ea21aec89e8a2772f7b7d8e41b6eccc7df42a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
6215b65df789cd3b5a23f79e9be9e249c361495ee291e6ec6d9559dbbd7f8771
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6977ce9520f2f65449534c21693dc8ffe2b30b3237f2eef6838d6dfc38187e31
6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e
76f602ca9cf7b68ce01139c7be03bd3ecc821f019faffe6f4b987b5e17582409
77af0457984afb44555112ecd78a42506411fa5be90adf779518317a5475a57a
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8546715514634e13731f0e2720924ac3f81ff16e596c319853592c5cffdb80af
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30
88414148b0c9c47c37aee3e2c3b5a22dc37cf2255e064d237bba9fa86782f6a3
8e1ef89b3c033ab7d605b02d94b80fa7ffe9d4a3346ed46d1548bebba40eb858
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9d17ef65f36e5bfad80e1e77e6a7fb76bf7b1ada4ff3c52426787f3ae50a87c3
9e00cd23d96f1906ea2f0f62df8aa62e9f04ad6ea67f9aec6db0c67252915c78
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d5a4ec9bd8d2f5cd2acc332207d9f9e93e94bdc6e50cb47e35ce01c53a0565
aa0d1f0eb637977c4b11deb4668d81099f031f1223abc9761e7c26c2da480c1e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aba462719cafb4e5085a34956eee9a4ff4fa9b44044c69bfc3885c1daedfd087
ad48890fd2e12f69b8f963c3d7e19cfdd461ae3fb2b70ce5916482e9cd7f11f5
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b56613af6f22b895be29ded556e4d3bd01b861f663793f2aa011339a8a4a3505
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc60e7b5081f984a54887164b4ec24886ac5d08e579724618cef83b69c6dce32
be2ddc1fd9d190bff56ba19055b007cffe86b2c1e3834aa92c0b0299774461ca
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
ca3d34356f3afc7cfaa2e1f841f41dedb6cbbf80c6fd537bc2db760f25589f51
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbd74ddac98b9f23483dc2d164e4fbe40cf077a27a7b147bf4662c87aad415a
cfd8d02949a659afd24f53b5de55af520f8590e173dab48968f9af34f25b5e78
d42d07bf57c5ab6db093274c06fe553fe94071b718a825d50a84d7a525c6dcbb
db8e364fb51fad369240565dec4060a6fd4b59ae8b5ff7446feaf000bab9f198
dbdcd5032177710f51c04a98ab8d155e72b8ea23f0f86fc504408b7fbe735639
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e5e700f20510ddfb902f44864c255bba60b9418ce585265b1b81e67840d3f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
ea1f9ddd30c9f7e1207622398f7718c412df39238c7ad67d4251e2a68bf4895f
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec1e0d9bb27d98ce0643afa0971f9506808531e3334248652e1adad913643bb3
edfbc4e4b4c3f24c6223a6a91f90a850b15fae62c963b9e4fa95a4a7e87db235
eea0595e4cd9dcadd83378b16dae8a461d1dfce5dc105d483ff685b106198648
eec31e915be198f1e34258d72c7316987168339231edc1ba1c91b5658a92e6fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa0a092b2d5f1b407d4a258a3f43167273783b28651768abf222928aba2b678
f24a910b3b98e869cb192db4bf50c68ebb6ebc850f8cd7c8c1064be104e87818
f66ac45023aa5f15d6e442fe8c6606aebcaa984392d7aa2390cc54989a38316c
fa6ef89bd4ae8ed43d1b4a61041d9f687943363cc08638491a319e463d936893
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

victorraulrr.info Open in urlscan Pro 50.31.188.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

96 %HTTPS

59 %IPv6

35 Domains

60 Subdomains

54 IPs

7 Countries

7025 kBTransfer

11302 kBSize

31 Cookies

2 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

victorraulrr.info Open in urlscan Pro
50.31.188.60 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

96 %
HTTPS

59 %
IPv6

35
Domains

60
Subdomains

54
IPs

7
Countries

7025 kB
Transfer

11302 kB
Size

31
Cookies

190 HTTP transactions
5 data transactions