promo.pixelsee.app Open in urlscan Pro
2606:4700:3034::6815:7a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
Effective URL:
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Submission: On October 23 via manual (October 23rd 2023, 6:33:15 pm UTC) from ES — Scanned from ES

Summary HTTP 66 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3034::6815:7a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo.pixelsee.app.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 15th 2023. Valid for: 3 months.

This is the only time promo.pixelsee.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	172.67.138.46 172.67.138.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:1874	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2.16.202.16 2.16.202.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2606:4700:303... 2606:4700:3034::6815:7a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
66	20

17 172.67.138.46 (United States)

ASN13335 (CLOUDFLARENET, US)

abelectivirean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1874 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.202.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-16.deploy.static.akamaitechnologies.com

ak.deephicy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3034::6815:7a1 (United States)

ASN13335 (CLOUDFLARENET, US)

promo.pixelsee.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	abelectivirean.com abelectivirean.com	61 KB
15	pixelsee.app promo.pixelsee.app	66 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	222 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	5 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9763	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	89 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	160 KB
2	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 13943	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	603 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	google.es www.google.es — Cisco Umbrella Rank: 21165	408 B
1	gstatic.com fonts.gstatic.com	33 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
1	deephicy.net ak.deephicy.net — Cisco Umbrella Rank: 84358	2 KB
66	16

	Domain	Requested by
17	abelectivirean.com	abelectivirean.com
15	promo.pixelsee.app	ak.deephicy.net promo.pixelsee.app
7	pagead2.googlesyndication.com	promo.pixelsee.app pagead2.googlesyndication.com tpc.googlesyndication.com
4	my.rtmark.net	abelectivirean.com ak.deephicy.net
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	promo.pixelsee.app connect.facebook.net
2	www.googletagmanager.com	promo.pixelsee.app www.googletagmanager.com
2	littlecdn.com	abelectivirean.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	promo.pixelsee.app
1	www.google.es	promo.pixelsee.app
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	promo.pixelsee.app
1	ak.deephicy.net	abelectivirean.com
66	19

This site contains links to these domains. Also see Links.

Domain
pixelsee.app
brightdata.com

Subject Issuer	Validity	Valid
abelectivirean.com GTS CA 1P5	`2023-10-05` - `2024-01-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
ak.hetaruwg.com R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
pixelsee.app Cloudflare Inc ECC CA-3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-02` - `2023-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google.es GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Frame ID: D4BB3AC7D50A43F060630BFDF0BC51F7
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html
Frame ID: 9F0754E925D6113B27B76FDEF1CACA7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5826337412698082&output=html&adk=522671305&adf=1178619241&lmt=1696322836&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023%26sub2%3Dpropeller%26sub6%3D740388914363380552&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698085993242&bpp=2&bdt=586&idt=484&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5948619919251&frm=20&pv=2&ga_vid=1204114218.1698085993&ga_sid=1698085994&ga_hid=102549272&ga_fc=1&u_tz=60&u_his=26&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805533%2C44805931%2C31078297%2C31079012%2C44803793%2C21065725&oid=2&pvsid=1068570866624256&tmod=449237786&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=511
Frame ID: DC8F22B8A244F2A60A812495AFAF8027
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7669BE341685A6E5E7ABC17A42F8E4E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 297E4AAB77D1C2716B5CA739D5D41C50
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PIXELSEE | Your file ready to download

Page URL History Show full URLs

https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841 Page URL
https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2 Page URL
https://ak.deephicy.net/4/6118780/?var=3466561&oaid=9f38a48c05e730636a8c592b3d73328d Page URL
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=7... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

66
Requests

100 %
HTTPS

84 %
IPv6

16
Domains

19
Subdomains

20
IPs

4
Countries

667 kB
Transfer

1854 kB
Size

17
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://pixelsee.app/ld/get_installer.php?pixsite=1&r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Title: Download

Search URL Search Domain Scan URL

URL: https://brightdata.com/sdk/faq#sdk_app_connect?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Title: https://brightdata.com/sdk/faq#sdk_app_connect

Search URL Search Domain Scan URL

URL: https://pixelsee.app/license.html?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Title: TOS

Search URL Search Domain Scan URL

URL: https://brightdata.com/legal/sdk-privacy?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Title: https://brightdata.com/legal/sdk-privacy

Search URL Search Domain Scan URL

URL: https://pixelsee.app/policy.html?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841 Page URL
https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2 Page URL
https://ak.deephicy.net/4/6118780/?var=3466561&oaid=9f38a48c05e730636a8c592b3d73328d Page URL
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
abelectivirean.com/ 33 KB
12 KB 228ms
116ms Document
text/html 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 97ca147d748a5b2aa89eaf795c883e7196654ade348e51ea1948241e90e99b99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81ac112308907397-MRS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 23 Oct 2023 18:33:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOZsTJM7JzqZCLc5jY6f8mnEgH9fyXUhq9DJXhlMPxKCm64kSh7lNJjW2R6HuF3q9Ze8hiu5QRwqmrwZ5uW7wFT0tVyUTGFRHXzkYPSTBuptO3fw%2B1xkgIz8UAUSwCpdgwo1MvM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 style.css
littlecdn.com/apps/templates/subscriptions/universal/css/ 7 KB
2 KB 117ms
42ms Stylesheet
text/css 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/apps/templates/subscriptions/universal/css/style.css?v=2
Requested by: Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 15:51:00 GMT
server: cloudflare
age: 5841
etag: W/"6532a1e4-1bb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 81ac11244f1e1bac-MAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
545 B 200ms
64ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=9f38a48c05e730636a8c592b3d73328d

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

780acd9be446c1676f579baddab6067f8194b407d0db8fa5798193cfb10e2062

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abelectivirean.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
abelectivirean.com/pfe/current/ 26 KB
10 KB 101ms
100ms Script
application/javascript 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://abelectivirean.com/pfe/current/micro.tag.min.js?z=3466556&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841&sw=/sw-check-permissions/3466556&uhd=1
Requested by: Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 742b2ae34faf5c9d2eae29e03dec10f96c5383043da38de7ffeb6e2e3439d774

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 18:33:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 23 Oct 2023 14:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65368505-68ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kf%2FmiNi0ONRJFaCUuyyniM58YisKiZ2PXTaL7l%2BVNf8RXQAzfYUihckAYKLwlc6Hwj5Ir9PQtsyeU2fDO7mdp5lFFgmWOn248X%2FOcFLW%2BxoIbAS%2BQNELCIhiXSBGMD%2BGKeDyphw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 81ac11240a9d7397-MRS
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
abelectivirean.com/19/3466561/ 3 KB
2 KB 90ms
90ms XHR
application/json 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://abelectivirean.com/19/3466561/?abt_opts=1&var=20870841&var3=2d7dfd614acf7f82cbda8ee37aa9bd75&ymid=&rhd=1

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcdef12f9bd1432de3f4e3b1c7aa3c93c1c15cea9fd7c0b065e5eb0acfa7f3b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 99e291805c9e0bf37acbeb89085ed7f0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgYoVJj1MelOZ7SCCtzxbh0vgRoSbWLdsZdFHrWRPbhA3AyeMQXLDOA8bXMfQzrPlqVmOaSviOBreqJwLrClTJT66%2BKuSij0yAg7swWL77xj2ZLyNUrWW8TMOWAOmmTMnqKmBx4%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 81ac11240aa27397-MRS
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 /
abelectivirean.com/ 2 B
527 B 205ms
205ms XHR
application/json 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&mprtr=1
Requested by: Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1Z6aHW2J95MyQxXXtgK6frrLCvWlnaSoSUbbAkqL5FGqPdLcQD8HqdIi0tZTdoCunIiQVcXwPn1FyNwQf8PfW5u1AoBY%2BPaDnxgSJeXQSwzwW8EK794qO01rIV3hAxOdVFEcfo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 81ac1124ab0412b5-MRS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd
abelectivirean.com/ 2 KB
2 KB 95ms
95ms Fetch
application/json 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://abelectivirean.com/rhd?rb=Ho4cop7haPJ9RRucIizBtgRExIHuZjRsWFEdWrJtb0SNGlPllz6UQwcX7B9WUXkzuxIeLPMja-H6uim9C281WRZh7D5VYlcJ0MiRymnjnhP4NfkQ4leuWWRPnCjhVfRWNu6Y1fKejLJxpJsEgue0-EgGfX9cIKIK0R2ERpC1Swsiki5d7PzxJnB2mAbEO3Nw3XGdG2_YSwqJlRBpuamr-FQSxTdcqEK9dnJ3BF85UL8nPOlkBd4EhG4nGigdRWxbGbb-ddIb8mKyG0B3kowzs_5lzV4nXkgN77PUjVV-O-dM9upVFwG1KUC9wP_Sv1nruTdGKERy1wLrRHMX_l8-ReoKLBiRhj0CL7vpGa6LCzm0YCmr036m4GdaxNFWQ1SCEACQB_do6DJ_DlqSsgh64tY97i01FeBv_30FhnYuyGvv7NNB&request_ab2=0&zoneid=3466561&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fabelectivirean.com%2F%3Fl%3DiH47gisHzJTX88e%26s%3D2d7dfd614acf7f82cbda8ee37aa9bd75%26z%3D20870841&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=20870841&var3=2d7dfd614acf7f82cbda8ee37aa9bd75&ymid=&rhd=1&m=link

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 2759401073267010be13ca12f042e738
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KauHgVcfePgk64rjVjRz3j19kfLxx8VD3Dec3RhJpSliNgrH7S6t9KeE1I7cfprwIU6U8wUPWI%2BU%2B%2FLeKbjkcMF0KQclClbBUvE%2F6%2Bi4OVTZoXPaNHJ0MZFNPyEn1GWO0cjDPk%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 81ac1124ab0b12b5-MRS
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 3466556
abelectivirean.com/sw-check-permissions/ 0
951 B 127ms
127ms Other
application/javascript 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://abelectivirean.com/sw-check-permissions/3466556?var=20870841&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&uhd=1
Requested by: Host: abelectivirean.com
URL: https://abelectivirean.com/pfe/current/micro.tag.min.js?z=3466556&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841&sw=/sw-check-permissions/3466556&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THOdge0JQEb5jmQlAf2p4PM3KJA0IueaNZtnJrf7vvCCRqyf7Cr1n5p7y%2BZGl8uLHznJU%2FP%2Fk%2B0T5NHsIYCy2pewLdRNh2LPpouYCaXFcFsCwHAwv4e%2BIA4ZTRWzRHbsxyinjzM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 81ac1124ab3712b5-MRS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
abelectivirean.com/ 0
492 B 105ms
105ms Ping
text/plain 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://abelectivirean.com/zone?&pub=0&zone_id=3466556&is_mobile=false&domain=abelectivirean.com&var=20870841&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var_3=&var_4=&dsig=&tg=1&action=prerequest

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/pfe/current/micro.tag.min.js?z=3466556&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841&sw=/sw-check-permissions/3466556&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-trace-id: d3428f5dd5bed4c68a0912e01e96f954
date: Mon, 23 Oct 2023 18:33:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkCHgE6yOSmPwvtwSmygJVBjIGJwvtQpdUJqRrwlOYCQRfOhOHL8xu26Zhj39fESdXF%2FplkITHyA6SJ1AoxE5PQwb4PTulQMPCmcBP0nBceoZrYhUVeBaEBLLbqAVEFX4YBPWyE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://abelectivirean.com
access-control-allow-credentials: true
cf-ray: 81ac1124ab3a12b5-MRS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 70ms
67ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=3466556&checkDuplicate=true&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/pfe/current/micro.tag.min.js?z=3466556&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841&sw=/sw-check-permissions/3466556&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7c78bc009e2f9149ca0ca3227c1f2e9d015faca0420659a7156a477b0fcbae05

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abelectivirean.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone
abelectivirean.com/ 805 B
985 B 109ms
109ms Fetch
application/json 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://abelectivirean.com/zone?&pub=0&zone_id=3466556&is_mobile=false&domain=abelectivirean.com&var=20870841&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var_3=&var_4=&dsig=&tg=1&action=settings

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/pfe/current/micro.tag.min.js?z=3466556&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841&sw=/sw-check-permissions/3466556&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 14a1d9f8255e7cfbdc55fa9781c0ba0f
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4xAYMIahXPJo5SBp5jQbucAh84685oydbheOY7eKbm21t%2BRhWV1QnxOfMa1DDlKFAorwFeWMmphpBj5T%2FthuXIbfQnNitxXJjnX5M8Xftzl9yflgE6kCyjGdNhuzL%2FJBhDyElo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 81ac1124db4612b5-MRS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

GET
H3 200 / Show response
abelectivirean.com/ 33 KB
12 KB 171ms
170ms Document
text/html 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
Requested by: Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 26968c83e5ff063e61110bfc1c2d296a22537abc80f763eaa6dd1febfdbcb161

Request headers

Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81ac11254c3d12b5-MRS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 23 Oct 2023 18:33:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrG37ueDJxT7mQg6ECnGaFXDu4kVZy%2Fo6mNY%2BPb0QMaBqJxZPnTwkX6gFyKCnLc6UgBoqYDCC1uCiUXM2%2BoptqMXTsUlMTA7YttWqaKOG1mNivbYF8R8Q5vJPFekAaTht%2BF6e9I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 style.css
littlecdn.com/apps/templates/subscriptions/universal/css/ 7 KB
1 KB 40ms
40ms Stylesheet
text/css 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/apps/templates/subscriptions/universal/css/style.css?v=2
Requested by: Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 15:51:00 GMT
server: cloudflare
age: 5841
etag: W/"6532a1e4-1bb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 81ac11265c371bac-MAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 micro.tag.min.js Show response
abelectivirean.com/pfe/current/ 26 KB
11 KB 98ms
97ms Script
application/javascript 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://abelectivirean.com/pfe/current/micro.tag.min.js?z=3466556&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841&sw=/sw-check-permissions/3466556&uhd=1
Requested by: Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 742b2ae34faf5c9d2eae29e03dec10f96c5383043da38de7ffeb6e2e3439d774

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 18:33:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 23 Oct 2023 14:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65368505-68ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJstb5%2BdNH44Gj82EshOT24ukrBFql4PnhfXAkAEAle7JRxc8rtnaPWD48J0P9r1oehgEAMTLaOZIkEHeq0zSjqRWQm2PkOwvUedm1RaEIPFxR709MjIr1%2Frdq4nfguvS9n5bf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 81ac11267ebc12b5-MRS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
abelectivirean.com/19/3466561/ 3 KB
2 KB 95ms
95ms XHR
application/json 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://abelectivirean.com/19/3466561/?abt_opts=1&var=20870841&var3=2d7dfd614acf7f82cbda8ee37aa9bd75&ymid=&rhd=1

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3e158546a0ca98b89be9b0b21d1fb8438f3ce57bc2ef454d5ea8337c220e874

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 127883f5a176d2b1e22fe14ae08a33b4
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIrookLSI824vxb%2FvxGLfDk6POZpwr0%2BOYKdc13FO3NF%2BpRtgiEgvqYRGRKSIZw3%2FEkFi4TV4I8QL3G2x3jz%2FJk0hPkyHNXY5doewi38RNkVMEp7Qs7KRquuohA7B6yZDLBsdRI%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 81ac11267ec312b5-MRS
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
abelectivirean.com/ 2 B
530 B 94ms
94ms XHR
application/json 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2&mprtr=1
Requested by: Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAE5HXk6NdIKDK9GRD2WxDWPtGyaSHN%2FuVakJ2RgrfcEMwbucG0ScUzGBbplrrz8%2FVBKc1x6k6EKdoMfTBgcZ77J1iXwjdOu%2BC20K7ralk0DGBjuOBCSJzvU4qEUKgi6hYramFk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 81ac1126af0312b5-MRS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
abelectivirean.com/ 2 KB
2 KB 108ms
107ms Fetch
application/json 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://abelectivirean.com/rhd?rb=N6WuG8NDC-SRhI15ylI6odsXx-98kasR-6IYEpPBq1oXLeWGsKl89zDqf0JNEXjnFP7KYDvKcW8a1UN0_s8fPDq86bzgQBV61nmv1o294CUoGPAYCyHj3SBXjxa81AQbMY2ymojVAASOJJ3TrX_oaoqPirxA7s9iyTZyS6iQwaZHtr2BNHo1AziuNvYkEtIhZVXq611UCzqTBmLI-m1LHk1qi0vcB9XpfSqZ0PfhT-AlBQkd-AEqOI-bgPwi5jBwFrNaIrSPF1dda2SngYOGUDZKskNzzW6jrYXoxateckTGdj8cXWUhyknc5L5CTrLRkb0_R6ghEaffhknJeBEFkpkn4oTHtyQk5O9fQCr2oTwhOW4HF_6y_8OL1jXS_4pdaJVV2oZCZmPIr2eMrilh0uYHYNB64gbgv4HwEZmxwnfwCCVMpNZSEg%3D%3D&request_ab2=0&zoneid=3466561&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fabelectivirean.com%2F%3Fl%3DiH47gisHzJTX88e%26s%3D2d7dfd614acf7f82cbda8ee37aa9bd75%26z%3D20870841%26rdc%3D2&drf=https%3A%2F%2Fabelectivirean.com%2F%3Fl%3DiH47gisHzJTX88e%26s%3D2d7dfd614acf7f82cbda8ee37aa9bd75%26z%3D20870841&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=20870841&var3=2d7dfd614acf7f82cbda8ee37aa9bd75&ymid=&rhd=1&m=link

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3045335830c990f1a9ada472c1e7feb5beca833c979927447e19ec3ac4523a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 64d0bdfe688aa1cd06c04dcefd9d0b07
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVk%2BHWrl16hjCSPNFhvH%2FqSEjGhSM7tJ%2F4Jk8z1dQLI9kAIImH%2FnNdiv2tezvBoEhHHYlfZ%2B9egubYLfq6w1y%2FT%2FcAZ14J1010Wsi4uHjxe8KEcXJcxrjrL9PfS7DLe2jA6ga7c%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 81ac1127387b12b5-MRS
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 3466556
abelectivirean.com/sw-check-permissions/ 0
955 B 110ms
110ms Other
application/javascript 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://abelectivirean.com/sw-check-permissions/3466556?var=20870841&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&uhd=1
Requested by: Host: abelectivirean.com
URL: https://abelectivirean.com/pfe/current/micro.tag.min.js?z=3466556&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841&sw=/sw-check-permissions/3466556&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnpQEfADIBSjZPRtLROMz6w4Rj1PbBsQD%2BSGUa%2BjlZ14ijCwJOiLbkWNeF1Ja%2B3t49e3OY8boaAQKy5sOUj1GFmBat63DNRdvsv%2FX%2B%2FztUc9s1X8CYU6EDQuP%2FQxPKf7DOaL%2FMU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 81ac1127388312b5-MRS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
abelectivirean.com/ 0
490 B 120ms
120ms Ping
text/plain 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://abelectivirean.com/zone?&pub=0&zone_id=3466556&is_mobile=false&domain=abelectivirean.com&var=20870841&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var_3=&var_4=&dsig=&tg=1&action=prerequest

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/pfe/current/micro.tag.min.js?z=3466556&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841&sw=/sw-check-permissions/3466556&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-trace-id: 6d2dfcc2423b3e09d9f1abdf8a7c3a04
date: Mon, 23 Oct 2023 18:33:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kb3MmHk9e2RmZeMSAPZnte7SrYjQu6shgYvKwTNzZFOOQUNpTkrm2wxpSEJH3xhn0kUj9dZFEV1XRyrklUjs6vWkHD7D9Os4dXwE3EdP4AH23dSoK0uZf%2BnMUfJnjUMsf1El4DQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://abelectivirean.com
access-control-allow-credentials: true
cf-ray: 81ac1127388912b5-MRS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 70ms
70ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=3466556&checkDuplicate=true&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/pfe/current/micro.tag.min.js?z=3466556&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841&sw=/sw-check-permissions/3466556&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7c78bc009e2f9149ca0ca3227c1f2e9d015faca0420659a7156a477b0fcbae05

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abelectivirean.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone Show response
abelectivirean.com/ 805 B
988 B 118ms
118ms Fetch
application/json 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://abelectivirean.com/zone?&pub=0&zone_id=3466556&is_mobile=false&domain=abelectivirean.com&var=20870841&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var_3=&var_4=&dsig=&tg=1&action=settings

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/pfe/current/micro.tag.min.js?z=3466556&ymid=2d7dfd614acf7f82cbda8ee37aa9bd75&var=20870841&sw=/sw-check-permissions/3466556&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0feda2ef503d1e5b056ddcdac185df31818c07834970a6f9adb66ea3b032d43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 24c50318ecf0568cdd184d177c95d975
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKW8Dsj9VeQyEAXpR9%2BoP1wqIGoREg4w%2Fr9XLdrcGhH9%2FfNFaMeZNXr39l7jEGZ%2BzX3VT8fdfgAPP35DTNtcy6h6X8cxlJhbZExnkbnSNMHDuAzD1CBT6xfnVa44jeStvvdjRfc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 81ac1127388f12b5-MRS
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

GET
H2 200 /
ak.deephicy.net/4/6118780/ 1 KB
2 KB 321ms
94ms Document
text/html 2.16.202.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.deephicy.net/4/6118780/?var=3466561&oaid=9f38a48c05e730636a8c592b3d73328d
Requested by: Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 668
content-type: text/html; charset=utf8
date: Mon, 23 Oct 2023 18:33:12 GMT
expires: Mon, 23 Oct 2023 18:33:12 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://promo.pixelsee.app>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache
timing-allow-origin: *
vary: Accept-Encoding
x-trace-id: 68ff94c8d06e4fb8c224d499d7ad063f

POST
H3 200 cat.php
abelectivirean.com/ 0
763 B 81ms
81ms Ping
text/plain 172.67.138.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://abelectivirean.com/cat.php?userId=9f38a48c05e730636a8c592b3d73328d&zoneid=3466561&rb=N6WuG8NDC-SRhI15ylI6odsXx-98kasR-6IYEpPBq1oXLeWGsKl89zDqf0JNEXjnFP7KYDvKcW8a1UN0_s8fPDq86bzgQBV61nmv1o294CUoGPAYCyHj3SBXjxa81AQbMY2ymojVAASOJJ3TrX_oaoqPirxA7s9iyTZyS6iQwaZHtr2BNHo1AziuNvYkEtIhZVXq611UCzqTBmLI-m1LHk1qi0vcB9XpfSqZ0PfhT-AlBQkd-AEqOI-bgPwi5jBwFrNaIrSPF1dda2SngYOGUDZKskNzzW6jrYXoxateckTGdj8cXWUhyknc5L5CTrLRkb0_R6ghEaffhknJeBEFkpkn4oTHtyQk5O9fQCr2oTwhOW4HF_6y_8OL1jXS_4pdaJVV2oZCZmPIr2eMrilh0uYHYNB64gbgv4HwEZmxwnfwCCVMpNZSEg==&var=20870841&var3=2d7dfd614acf7f82cbda8ee37aa9bd75&ymid=&rhd=1

Requested by

Host: abelectivirean.com
URL: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.138.46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://abelectivirean.com/?l=iH47gisHzJTX88e&s=2d7dfd614acf7f82cbda8ee37aa9bd75&z=20870841&rdc=2
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: 673aac27797e1058c5579998d42f3f42
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DySrrG3N%2Brl4%2FSxccRe5KV2Sxko%2BI5F4v6PmqlplRQiYT4%2Fac8p%2FE1pp6brLLQf0UBQnVD4AIFBLGz1Q8JUqcXX7HzxNvoC%2BO5n9JjR2lobVuZFtcnJ4l17eFwNC2vOC25U9CGg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://abelectivirean.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 81ac112acf7812b5-MRS
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 img.gif
my.rtmark.net/ 43 B
506 B 72ms
72ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=9f38a48c05e730636a8c592b3d73328d

Requested by

Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=3466561&oaid=9f38a48c05e730636a8c592b3d73328d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://ak.deephicy.net
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 Primary Request / Show response
promo.pixelsee.app/ 18 KB
5 KB 207ms
128ms Document
text/html 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Requested by: Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=3466561&oaid=9f38a48c05e730636a8c592b3d73328d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75935dac7af1a8ebd6095a9aabdd08b4daa218a94ccd0129c65debaf5f4c8fda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81ac112d5e230412-MAD
content-encoding: br
content-type: text/html
date: Mon, 23 Oct 2023 18:33:12 GMT
last-modified: Tue, 03 Oct 2023 09:47:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEfvK%2BTtMh1bzHNlU12BBsGSBZfvXe4exxW8IDor8IB1R%2Bh3dkWNJVoBm%2BXM78%2FxvaW15dslHpKzEhfVHNkFYAQTVLApJ5Lfr1q%2BUavPl3LqyHylqdGtRBpSdIcaZ91wcU%2F8UbxZZqbgbygiriKqAq4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: txd8944d477794414895486-006536bc68
x-amz-request-id: txd8944d477794414895486-006536bc68
x-amz-version-id: 1696326436522816

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 223ms
77ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

481ae7ff0d53d45d9d93b8247dd3a3f7c0e901954851bb6350aeccd0bd54938f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 18:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 17:13:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 18:33:12 GMT

GET
H2 200 style.min.css
promo.pixelsee.app/css/ 31 KB
6 KB 48ms
45ms Stylesheet
text/css 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91228866dbbc573944d948402536e1b470d67c5ae67e1c5cdfcb15cb5eb984a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1696326435888990
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txd912c8a615144d9a8fecc-00651f4f93
age: 4076
alt-svc: h3=":443"; ma=86400
x-amz-id-2: txd912c8a615144d9a8fecc-00651f4f93
last-modified: Tue, 03 Oct 2023 09:47:15 GMT
server: cloudflare
etag: W/"583046cc62873e13de5979a19472fefb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eenCErJv435GlyUSrLgO7CiNrmGfRgwLnwQjOwNrIf7H63wMiH4Bd%2F2dNm2XvmiNhKVVNJDzPtdOyXOCFshTW0y2S%2FN3HDZ%2FS2oWlkHTlvAMMC7fV9TWMFN3pJyaIJRxu6wT79LBoW6QYR6bj3CUQcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81ac112e4f790412-MAD

GET
H2 200 baloon.min.css
promo.pixelsee.app/css/ 4 KB
2 KB 45ms
41ms Stylesheet
text/css 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/css/baloon.min.css?ver=1
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf0481bb01e37a5b5cb2388e817decdc4f90e7cbd5994c55b05d7d4dbd86815f

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1696246148286417
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx91acf99b22d04dc7a9c45-00651aab65
age: 4076
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx91acf99b22d04dc7a9c45-00651aab65
last-modified: Mon, 02 Oct 2023 11:29:08 GMT
server: cloudflare
etag: W/"e38b048988db68478be49dda0683fa7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oEFq4K4iWVUUZqlhF6lpjU43rgqsm2%2F0kwIYYLwqxo3bryciWn4gv4jFCIuZj13h22cQh7X%2BaCIZCrZXklKh2YGIrM07L7xc0Ry2wA05VBTHvkf4b%2BCwqq9GEpTSS5If5we5G4Bae99oFjURujz3bY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81ac112e4f7a0412-MAD

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 195ms
67ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dda5355e6421b04278db4191e957e95107d9067b9eb42e846e62529d429aeb25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 23 Oct 2023 18:33:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 255ms
117ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4e01d8239358c7daee6df2a8960b8075c6d57c3180ff52f5d05b18d456076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Origin: https://promo.pixelsee.app
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51079
x-xss-protection: 0
server: cafe
etag: 2928095024467592668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 18:33:13 GMT

GET
H3 200 logo.svg
promo.pixelsee.app/images/ 2 KB
1 KB 55ms
52ms Image
image/svg+xml 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/logo.svg
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a1a80dae6a97aff9aa45a6225640d6b299d25eb4f7689055afb9dfd60ba4e7b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1690210838551393
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txeb6b7e599ba4433f9bec9-0064be9282
age: 6618
alt-svc: h3=":443"; ma=86400
x-amz-id-2: txeb6b7e599ba4433f9bec9-0064be9282
last-modified: Mon, 24 Jul 2023 15:00:38 GMT
server: cloudflare
etag: W/"9bb77a42ae4c13b0a557d3496c62af46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvXOkvOYuOp9By1rbJsQt25ykpS%2B3GLyQx27fuo%2Bz%2BPgopGIuInKmCrQrP8jQGjSHhZQJH%2FQWSUDqgjGgFC8l0qqr9utKfJaVD6PJtYd%2BHlMQvc2ggvkzBBT4g3wWz%2FhnibFEEo4EsDDUHByeBRwi40%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 81ac112faa2669f0-MAD

GET
H2 200 email-decode.min.js Show response
promo.pixelsee.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 36ms
34ms Script
application/javascript 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.pixelsee.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2023 11:32:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652d1f47-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlODg5DOypcjlLZ7c4dbKSgndEO3IisjVU8ikgAadVjSpeDipKcvM0Q0vbC4joY%2F38E8yL2lz5BE7KGF88eCG3ApLcZiomWlUrXrX1hiGWtSU%2BPANLHNcA7UTzEYAjMUP50a0B4%2BRNJuruJ29Bp4k88%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 81ac112e4f7b0412-MAD
expires: Wed, 25 Oct 2023 18:33:12 GMT

GET
H2 200 application.js Show response
promo.pixelsee.app/js/ 126 KB
40 KB 63ms
61ms Script
application/javascript 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/js/application.js?ver=3
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9d51be1cf0594ab18897f60df474ad577451c87928a68e15392c105cec218b3

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1696326436638730
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx4d3d1f786b5149a8ac2df-00651f4db1
age: 6898
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx4d3d1f786b5149a8ac2df-00651f4db1
last-modified: Tue, 03 Oct 2023 09:47:16 GMT
server: cloudflare
etag: W/"5a7b051a55bdca147ddc04e8ae0070f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3Nk%2F4m%2Bmbvd0A6clroyIKbkRYQnjA3V%2BbJ8Cy%2Fbx9pKmHkgGBrcGK2n%2FrzERprHwWwz4NCjY8yGAToGaK1Sl3bIsTO8uz5d8tAzGv%2FMVkVyYUnditUcX16hg6ZSYrrd4jumpz8ZVRJPvRhT40LWHZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81ac112e4f7d0412-MAD

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 199 KB
53 KB 185ms
58ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 23 Oct 2023 18:33:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: PAaYvIPx59G1r79yIYzX3GBllIckoodF3YZvCt+S3WzWSxk1roY9K8un95K3WJvU6V2h/0o6A2Vy3a09eTAXFw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sprite.svg
promo.pixelsee.app/images/ 1 KB
1 KB 42ms
40ms Other
image/svg+xml 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/images/sprite.svg
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e2eeed07fc3c528683b99c4228190009025c38148de912b6407791ae59b5fa7

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1694514662702053
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx1f3cd62a66434291b0161-006518d672
age: 6491
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx1f3cd62a66434291b0161-006518d672
last-modified: Tue, 12 Sep 2023 10:31:02 GMT
server: cloudflare
etag: W/"4e5148bc1a0851551c8ada00c5701ed8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDucgt8Pf7zRmDy0sjle7qrzve0JNQEkBI%2Fd5segKjN3ryvURZQvUergGBv5h5T7nFa1lSQW83XqS2smV5A1HGDRuBOVM6HC29c8yToLQ2GcXW3l%2BNLGpl7aPBY7FILt2ibdBO7ZCeezleYnJNkzrVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 81ac112faa2869f0-MAD

GET
DATA 200
OK truncated
/ 288 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c1707b307f1584c490c249330da68d304fdedd73422b6328fa440442f52e97e

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 icon-play.svg
promo.pixelsee.app/images/icons/ 231 B
762 B 44ms
44ms Image
image/svg+xml 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/icons/icon-play.svg
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495358f422e19339e0c53ded45e198a434592da355c58b53451810e239a62169

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1694514662396627
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx1c7d510aac5246818f1b8-006518d672
age: 6299
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx1c7d510aac5246818f1b8-006518d672
last-modified: Tue, 12 Sep 2023 10:31:02 GMT
server: cloudflare
etag: W/"9fa059b1263d655c92304062c10cc3ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkEI4c18g2cVRpiSp1mxIfb8IYrLPRhuQVBDu0WmBZFMHBHY0C3uyq5AF8PdDnMDEhS1SqwxGnKJp7Ojxze%2Bwua3OCWY6hsKLo7xx8AqgluO9e14lqQfQ%2B5CtuqFND%2FxYbIHy6Sm2PB1rhWMQ7IVEtU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 81ac112fba4069f0-MAD

GET
H3 200 tv.png
promo.pixelsee.app/images/load/ 476 B
1 KB 61ms
60ms Image
image/png 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/tv.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8724a4ae6581bb3559a23b285a6c4628e339a6b719cf8ffcb5d91cdaf2fe0bf9

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1690210838558670
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx777cf4f9bacd4ea0bf909-0064be9282
age: 6299
alt-svc: h3=":443"; ma=86400
content-length: 476
x-amz-id-2: tx777cf4f9bacd4ea0bf909-0064be9282
last-modified: Mon, 24 Jul 2023 15:00:38 GMT
server: cloudflare
etag: "03be608276b4b9c8d314812f18a9feed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDAXUlIfC83UBiIFXQuw3bwXUaaERQdjnJ3%2F6t5TRLYOSWeoLdDpdupTqS1wptW6LhUW2ZLeAjVXlyJ5zNPS3TrkjIndT7Fe80k5A21ZnuZnj4KOWZekuQdEUrPF1VWDRd8axi%2FQftMSXwrUWxGGHMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81ac112fba4569f0-MAD

GET
H3 200 playlist.png
promo.pixelsee.app/images/load/ 215 B
796 B 42ms
41ms Image
image/png 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/playlist.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b8fbaded24ceaa6e1c817e2a3cd84c3a3344eba0fad1f146720dfc995ed77b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1694514662208915
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx848a1ed6539c424398a59-0065129280
age: 6299
alt-svc: h3=":443"; ma=86400
content-length: 215
x-amz-id-2: tx848a1ed6539c424398a59-0065129280
last-modified: Tue, 12 Sep 2023 10:31:02 GMT
server: cloudflare
etag: "38868742975def4cf1abe3c2034c968e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaE7wSu97V%2B7Gkx7fYuwwFFM31fLUmhAMxtFAsqCTY1DpV07i20m0RWNSdqr58aLwpBPhiHWqfKR%2BME5CUUz9DPO%2BfugGgP8tX0Co0sYG9kTMTEpiB2sc9rkgYkf9JTOvraBGkwKZ1OEl1BIdzWq2e8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81ac112fba4969f0-MAD

GET
H3 200 pause.png
promo.pixelsee.app/images/load/ 552 B
1 KB 42ms
40ms Image
image/png 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/pause.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7673c1ead17d751d2b588c6f8089b0fff26ae90ce8d14e704a0965a6ff37b57

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1696326436143819
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx3550b8fd84a64f609cc51-006524ca49
age: 6299
alt-svc: h3=":443"; ma=86400
content-length: 552
x-amz-id-2: tx3550b8fd84a64f609cc51-006524ca49
last-modified: Tue, 03 Oct 2023 09:47:16 GMT
server: cloudflare
etag: "7f147decd06cd1ab5a8f539d55ceffe6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBumlpjhbTi8%2FGYqKr6EeSKG0VFjivvpttlj6riyWrj1jDPmEsO3nY4gFQw0NGecuQMtAymFJP6Xr%2FlxZUK98wIDevrn5qB8kqoFI0DTgnZTp%2Fva8LDD792OeHBLcKAtEqkZ8hborWvWPRdU1ccgAjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81ac112fba4a69f0-MAD

GET
H3 200 subtitles.png
promo.pixelsee.app/images/load/ 193 B
778 B 48ms
47ms Image
image/png 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/subtitles.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27554c42cd0c0bac487ef78447d427d5e5ba8bd24bb94289a9f9d435df468897

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1694514662596062
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx90328feca8754696a4489-0065129280
age: 6299
alt-svc: h3=":443"; ma=86400
content-length: 193
x-amz-id-2: tx90328feca8754696a4489-0065129280
last-modified: Tue, 12 Sep 2023 10:31:02 GMT
server: cloudflare
etag: "a47325f449f3eb00d2f47d61f39eb065"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOxJLSz1NqPiivZnxUKw%2FPlQYR2b2eJ78rgMBADYzL%2FsSyHarnvRc15zUMScB%2BPXWwLeinSCsoJq9H4sjldq2Nx0YMLA5RF9RweclZntQtYr3lO%2FCFCS7XbggeHXyGpEofOXthJuk7Y4faWgLNjCxXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81ac112fba4b69f0-MAD

GET
H3 200 windows.png
promo.pixelsee.app/images/load/ 214 B
796 B 50ms
48ms Image
image/png 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/windows.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c45931772e5bb04bb6e0d142a114a3bbe2ebb28c94ed4c0eb58cbbd4ab58ffe

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1690210838461811
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx453f60290d174c6080cc6-0064be9282
age: 6299
alt-svc: h3=":443"; ma=86400
content-length: 214
x-amz-id-2: tx453f60290d174c6080cc6-0064be9282
last-modified: Mon, 24 Jul 2023 15:00:38 GMT
server: cloudflare
etag: "1982b726d7da6c46b504c6d859edb218"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrBWuDKUo19VchUHGLuKJnkzJIe%2B%2FaH2O0ByDejE0VFQs1mM3gR7LrKyuc7z9hNIgAvOaZMW8SfDidtXAxzOOrXFYBJE7qkuo1uCxSD%2Bi556Mk0pcN6MVOOmibBxsZ%2FdYX2jFsTfWRyDfTD9M51Qqfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81ac112fba4d69f0-MAD

GET
H3 200 play.png
promo.pixelsee.app/images/load/ 411 B
997 B 51ms
50ms Image
image/png 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/play.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3440aae42853188c66d8631208b1fad7b580e2b7e065403d1387306d6e7ef558

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1694514662798013
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx6d453aeb01094ddcac83e-006518d672
age: 6299
alt-svc: h3=":443"; ma=86400
content-length: 411
x-amz-id-2: tx6d453aeb01094ddcac83e-006518d672
last-modified: Tue, 12 Sep 2023 10:31:02 GMT
server: cloudflare
etag: "152bad15fdcef8e2dc4248fd58794e7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uw21WEBraK5dA%2FY0NAC0uVmrCZbvo%2F1g%2BMt5e%2BE4y8e7QMq4KqOkBqihLtIYamd2i1lldC1zIX%2B7jEuiewAgD40RWk%2FCgGN162qqWjGb6tRxh3bwI9%2FmA7foODWUUctwpDLB4gMjTuXS7Qo3BmQi0Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81ac112fba4f69f0-MAD

GET
H3 200 footer-decor.png
promo.pixelsee.app/images/footer/ 3 KB
4 KB 48ms
47ms Image
image/png 2606:4700:3034::6815:7a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/footer/footer-decor.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b75d4c73aa7751c553a5191f8cff5d139a9f77717701f6157963e810bdb937c

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:12 GMT
x-amz-version-id: 1694514662373459
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx276bb0f679fc48d2a8a25-006518d672
age: 6299
alt-svc: h3=":443"; ma=86400
content-length: 3474
x-amz-id-2: tx276bb0f679fc48d2a8a25-006518d672
last-modified: Tue, 12 Sep 2023 10:31:02 GMT
server: cloudflare
etag: "af15b8bc22a4d8aa6166d1f8e1ff4c67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHdmhgLlh9O7F8OKDs2Whmf8GN3w5IzqHGsTcmcvU25Ve5G2gfs8S3YLQoNW1XeZOAs9H8%2Fd2M%2FhDDZy0Y0%2F2asDVJozGDW%2FJ4f4BuOHSJVD%2FlZ4YkR%2BW9OBndgI5iHdLhpo4XtILKOhfJV4I4wN7e8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81ac112fba5069f0-MAD

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 187ms
60ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promo.pixelsee.app
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:17:59 GMT
x-content-type-options: nosniff
age: 346514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:17:59 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 137ms
53ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TKL2XXV026&gtm=45je3ai0&_p=102549272&_gaz=1&cid=1204114218.1698085993&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1698085993&sct=1&seg=0&dl=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023%26sub2%3Dpropeller%26sub6%3D740388914363380552&dt=PIXELSEE%20%7C%20Your%20file%20ready%20to%20download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 18:33:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.pixelsee.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 166ms
56ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TKL2XXV026&cid=1204114218.1698085993&gtm=45je3ai0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 18:33:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.pixelsee.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 74ms
74ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-229973687-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d869440e1eef9f13e88fb99ce0e15a5e2fbdc66810e1eff0a4fd521d2bed30a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69413
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 23 Oct 2023 18:33:13 GMT

GET
H2 200 ga-audiences
www.google.es/ads/ 42 B
408 B 226ms
100ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.es/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TKL2XXV026&cid=1204114218.1698085993&gtm=45je3ai0&aip=1&z=1748293715

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 18:33:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 787001845751676 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 58ms
57ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/787001845751676?v=2.9.135&r=stable&domain=promo.pixelsee.app

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9acb807e26fe6cdfc2bd347d67d732d73079cf1779041b3de8bfab96e8f347

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 23 Oct 2023 18:33:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35474
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 7YbHgSE3idh9N1q1h/8ULfQwjRyWqBLeiIDbC5ZaO4R75vM0/OJFb2Fx8fgLxu9cPa72A3/IWhO91x7tuaG6bw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 190ms
60ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-229973687-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Oct 2023 17:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2500
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 23 Oct 2023 19:51:33 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/ 394 KB
134 KB 286ms
164ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5826337412698082&plah=promo.pixelsee.app&bust=31079012

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4d6738cc43cfaae796d35d32df46a5203e6087c095e55f57b15f657a3ed982f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136925
x-xss-protection: 0
server: cafe
etag: 1511734385350546911
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 18:33:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/ Frame 9F07 10 KB
5 KB 190ms
60ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 25672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 11:25:21 GMT
etag: 4569948109300706969
expires: Mon, 06 Nov 2023 11:25:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 179ms
57ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=787001845751676&ev=PageView&dl=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023%26sub2%3Dpropeller%26sub6%3D740388914363380552&rl=&if=false&ts=1698085993295&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1698085993294.881222770&ler=empty&it=1698085993205&coo=false&rqm=GET

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 23 Oct 2023 18:33:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 68ms
67ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=102549272&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023%26sub2%3Dpropeller%26sub6%3D740388914363380552&ul=en-us&de=UTF-8&dt=PIXELSEE%20%7C%20Your%20file%20ready%20to%20download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1753753639&gjid=25036356&cid=1204114218.1698085993&tid=UA-229973687-1&_gid=1179116538.1698085993&_r=1&gtm=457e3ai0&jsscut=1&z=364435945

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.pixelsee.app/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 18:33:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.pixelsee.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 58ms
57ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-229973687-1&cid=1204114218.1698085993&jid=1753753639&gjid=25036356&_gid=1179116538.1698085993&_u=YADAAUAAAAAAACAAI~&z=1318883918

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.pixelsee.app/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 23 Oct 2023 18:33:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.pixelsee.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
603 B 214ms
68ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=promo.pixelsee.app&callback=_gfp_s_&client=ca-pub-5826337412698082

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5826337412698082&plah=promo.pixelsee.app&bust=31079012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a643a586bd0b51057b54ceb526475642d6abaea2ca91b28eb894b8cfa203081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC8F 603 B
245 B 235ms
234ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5826337412698082&output=html&adk=522671305&adf=1178619241&lmt=1696322836&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023%26sub2%3Dpropeller%26sub6%3D740388914363380552&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698085993242&bpp=2&bdt=586&idt=484&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5948619919251&frm=20&pv=2&ga_vid=1204114218.1698085993&ga_sid=1698085994&ga_hid=102549272&ga_fc=1&u_tz=60&u_his=26&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805533%2C44805931%2C31078297%2C31079012%2C44803793%2C21065725&oid=2&pvsid=1068570866624256&tmod=449237786&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=511

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 18:33:13 GMT
expires: Mon, 23 Oct 2023 18:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 168ms
168ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.25_13_10_2023&sub2=propeller&sub6=740388914363380552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 18:33:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 112ms
111ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231017&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

213056baadef067b19bacb18bc6c6deb990d2178f35c57c25df2797fd8aa68fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12269
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 235ms
75ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 18:33:14 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7669 13 KB
5 KB 62ms
60ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
age: 167258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 20:05:36 GMT
expires: Sun, 20 Oct 2024 20:05:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 297E 829 B
1 KB 196ms
68ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d06af44888df9fa21a31eb0c0bc939d088730cfe291d008c69f673903c424b03

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3F0DzeyUypRCrY9Tltl-KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3F0DzeyUypRCrY9Tltl-KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 18:33:14 GMT
expires: Mon, 23 Oct 2023 18:33:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js Show response
pagead2.googlesyndication.com/bg/ Frame 7669 37 KB
14 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:31:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14703
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Oct 2024 17:31:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 297E 0
0 162ms
162ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231017&jk=1068570866624256&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7669 0
10 B 69ms
69ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fG-WFA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:33:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 169ms
169ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231017&jk=1068570866624256&bg=!-_il-LfNAAbDUgby41I7ADQBe5WfOOUGi9658l3eTUHyR6jU5vgFarVhNpOSTkohgYGfUEYhrtFLI41x8H7UVROFgY0TAgAAAGNSAAAAAmgBBwoAHvB4SDxzg1wyp1P4FW-oiw7-3TFSnBuj1qHQe7M2zJkCu8JeIAyrV_IMtZOV9r2iPKRy7tf82dmkl8FO2OFdzmGAlYmOzdJWFpyuQrLPwj2AtD8Fz1Cf7mtB7-dSztNLWrjiHkQ8vNQrOXC93gsXQiuW59hNThuJydFHvaNWDryu_2Dass8PqpJwzqSgPl1hAfF3g1xnRT4Vi2aDyw6EET0c7P8_e1Fi5wh2WjUnUmJ5YDMVnhMn4ebLKqpGZrYBChXrG2PWTnKL3v8LeMj7-aM0rUeXEVVW9wk2xKCtXF2YA0a2Ylu2hgkG_xzHN5R_1wJv4ORknoHwRJQmZkRwzagBNJqzwaiqvT3F0JJd3rlsySwCMhyGiiOlZZxZvU6UmUTtHgEiS0sHMRFR9ewHNeQv7w2uMWcn60-I2Z9wUO687ForD0XLfi9yWGSSj2lMgbJsNB8XqYaNypZYWfBhfltusCxx5GDbF0s9GADW3ZqeZnUuivWpYjkDhywA4peMn2IT24oVGrX25rvnCI4-3U8nD-szytHBIvT7rb8zmWyLecIVdXH0K0HuMjQuffgovouyDnAJp-a2tjj4pgETfBdiwFyStSDeb4XBiD6BgUySwNV6mmKxLeV7vRl2Y5nAtbDEVAVwrFLRIOPBqPSgdV8CP_KkSEcErCkLzFZCqY2jZ5thma6-PK3xjdr2GOoRy1VN7BYFqypy41V23JZbfjbkUDWHYmmXxuEerKfIsX3gXo2JrsICS8W3iiBOvCt8-BI6KKgJ6B-NEtLOvXNN2ieg10dnBXBCV1_AwyiaBGWqYDxtZxNZd8W4zaPMIb2T1tdvUO7PicOpgAHEsQbuZTZYLeBsFsQA6pJhDfpfuoOBm3tPndBZNdpGp4SENxBRnlXWV8LfYYHHG9XjB3iaPQnFmd-J9BrxPNSQHiIEk1ijo30yjzV6XGcDP7WXHpMZ2_noQcXnTR54Bg75zg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
abelectivirean.com/	1970-01-21 00:27:01	Name: OAID Value: 9f38a48c05e730636a8c592b3d73328d
abelectivirean.com/	1970-01-21 00:27:01	Name: oaidts Value: 1698085990
abelectivirean.com/	1970-01-20 15:41:26	Name: prefetchAd_3466561 Value: true
abelectivirean.com/	1970-01-21 01:17:25	Name: syncedCookie Value: true
my.rtmark.net/	1970-01-21 00:27:01	Name: ID Value: 86d6ab4f20d84652a7ef804870d787e8
abelectivirean.com/	1970-01-20 15:41:29	Name: reverse Value: 4C-_z8n7-M8Wx3NvFkVQc3wXrFbtd4XQuBnbsXgbYJY
ak.deephicy.net/	1970-01-21 00:27:01	Name: OAID Value: 9f38a48c05e730636a8c592b3d73328d
ak.deephicy.net/	1970-01-21 00:27:01	Name: oaidts Value: 1698085992
ak.deephicy.net/	1970-01-20 15:51:30	Name: syncedCookie Value: true
.pixelsee.app/	1970-01-21 01:17:25	Name: _ga_TKL2XXV026 Value: GS1.1.1698085993.1.0.1698085993.60.0.0
.pixelsee.app/	1970-01-20 17:51:01	Name: _fbp Value: fb.1.1698085993294.881222770
.pixelsee.app/	1970-01-21 01:17:25	Name: _ga Value: GA1.2.1204114218.1698085993
.pixelsee.app/	1970-01-20 15:42:52	Name: _gid Value: GA1.2.1179116538.1698085993
.pixelsee.app/	1970-01-20 15:41:26	Name: _gat_gtag_UA_229973687_1 Value: 1
.pixelsee.app/	1970-01-21 01:03:01	Name: __gads Value: ID=4b44092732081669-220aa42201e300bb:T=1698085993:RT=1698085993:S=ALNI_MY76D-o834UX5jIlaKHl6y3n7gKSg
.pixelsee.app/	1970-01-21 01:03:01	Name: __gpi Value: UID=00000ca16e1df26a:T=1698085993:RT=1698085993:S=ALNI_MaM7SgJTtWc6_gZ07bc2WqVzbjqHQ
.doubleclick.net/	1970-01-20 15:41:26	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abelectivirean.com
ak.deephicy.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
littlecdn.com
my.rtmark.net
pagead2.googlesyndication.com
partner.googleadservices.com
promo.pixelsee.app
region1.analytics.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.es
www.googletagmanager.com
139.45.195.8
172.67.138.46
2.16.202.16
2001:4860:4802:34::36
2606:4700:10::6816:1874
2606:4700:3034::6815:7a1
2a00:1450:4001:803::2004
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:829::2002
2a00:1450:400c:c0c::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0a643a586bd0b51057b54ceb526475642d6abaea2ca91b28eb894b8cfa203081
0c1707b307f1584c490c249330da68d304fdedd73422b6328fa440442f52e97e
0e4e01d8239358c7daee6df2a8960b8075c6d57c3180ff52f5d05b18d456076b
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
0feda2ef503d1e5b056ddcdac185df31818c07834970a6f9adb66ea3b032d43e
213056baadef067b19bacb18bc6c6deb990d2178f35c57c25df2797fd8aa68fa
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26968c83e5ff063e61110bfc1c2d296a22537abc80f763eaa6dd1febfdbcb161
27554c42cd0c0bac487ef78447d427d5e5ba8bd24bb94289a9f9d435df468897
2b75d4c73aa7751c553a5191f8cff5d139a9f77717701f6157963e810bdb937c
3045335830c990f1a9ada472c1e7feb5beca833c979927447e19ec3ac4523a18
3440aae42853188c66d8631208b1fad7b580e2b7e065403d1387306d6e7ef558
3e2eeed07fc3c528683b99c4228190009025c38148de912b6407791ae59b5fa7
4335283743eb9e075b61c5870fd9a6ef1077eeb5369044b1d614a32a098b4779
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
481ae7ff0d53d45d9d93b8247dd3a3f7c0e901954851bb6350aeccd0bd54938f
495358f422e19339e0c53ded45e198a434592da355c58b53451810e239a62169
4a9acb807e26fe6cdfc2bd347d67d732d73079cf1779041b3de8bfab96e8f347
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
742b2ae34faf5c9d2eae29e03dec10f96c5383043da38de7ffeb6e2e3439d774
75935dac7af1a8ebd6095a9aabdd08b4daa218a94ccd0129c65debaf5f4c8fda
780acd9be446c1676f579baddab6067f8194b407d0db8fa5798193cfb10e2062
7c78bc009e2f9149ca0ca3227c1f2e9d015faca0420659a7156a477b0fcbae05
8724a4ae6581bb3559a23b285a6c4628e339a6b719cf8ffcb5d91cdaf2fe0bf9
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
97ca147d748a5b2aa89eaf795c883e7196654ade348e51ea1948241e90e99b99
9a1a80dae6a97aff9aa45a6225640d6b299d25eb4f7689055afb9dfd60ba4e7b
9c45931772e5bb04bb6e0d142a114a3bbe2ebb28c94ed4c0eb58cbbd4ab58ffe
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b9d51be1cf0594ab18897f60df474ad577451c87928a68e15392c105cec218b3
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bcdef12f9bd1432de3f4e3b1c7aa3c93c1c15cea9fd7c0b065e5eb0acfa7f3b0
cf0481bb01e37a5b5cb2388e817decdc4f90e7cbd5994c55b05d7d4dbd86815f
d06af44888df9fa21a31eb0c0bc939d088730cfe291d008c69f673903c424b03
d2b8fbaded24ceaa6e1c817e2a3cd84c3a3344eba0fad1f146720dfc995ed77b
d869440e1eef9f13e88fb99ce0e15a5e2fbdc66810e1eff0a4fd521d2bed30a4
d91228866dbbc573944d948402536e1b470d67c5ae67e1c5cdfcb15cb5eb984a
dda5355e6421b04278db4191e957e95107d9067b9eb42e846e62529d429aeb25
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7673c1ead17d751d2b588c6f8089b0fff26ae90ce8d14e704a0965a6ff37b57
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3e158546a0ca98b89be9b0b21d1fb8438f3ce57bc2ef454d5ea8337c220e874
f4d6738cc43cfaae796d35d32df46a5203e6087c095e55f57b15f657a3ed982f

promo.pixelsee.app Open in urlscan Pro 2606:4700:3034::6815:7a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

84 %IPv6

16 Domains

19 Subdomains

20 IPs

4 Countries

667 kBTransfer

1854 kBSize

17 Cookies

5 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

promo.pixelsee.app Open in urlscan Pro
2606:4700:3034::6815:7a1 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

84 %
IPv6

16
Domains

19
Subdomains

20
IPs

4
Countries

667 kB
Transfer

1854 kB
Size

17
Cookies

66 HTTP transactions
1 data transactions