www.bolivia.com Open in urlscan Pro
107.0.22.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bolivia.com/Servicios/Plandenumeracion.pdf
Effective URL:
https://www.bolivia.com/
Submission: On April 27 via api (April 27th 2021, 1:42:01 pm UTC) from US

Summary HTTP 73 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 16 domains to perform 73 HTTP transactions. The main IP is 107.0.22.33, located in Colonial Heights, United States and belongs to COMCAST-7015, US. The main domain is www.bolivia.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 13th 2020. Valid for: a year.

This is the only time www.bolivia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	107.0.22.33 107.0.22.33	7015 (COMCAST-7015) (COMCAST-7015)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
9	34.117.63.36 34.117.63.36	15169 (GOOGLE) (GOOGLE)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3 4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
73	29

3 107.0.22.33 (Colonial Heights, United States) 2 redirects

ASN7015 (COMCAST-7015, US)
PTR: www.bolivia.com

www.bolivia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.117.63.36 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 36.63.117.34.bc.googleusercontent.com

cdn.bolivia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7eaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.37 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	111 KB
18	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net ad.doubleclick.net	184 KB
12	bolivia.com 2 redirects www.bolivia.com cdn.bolivia.com	173 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	google.com 1 redirects adservice.google.com www.google.com	822 B
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
3	googletagservices.com www.googletagservices.com	98 KB
3	unpkg.com 2 redirects unpkg.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
2	jsdelivr.net cdn.jsdelivr.net	45 KB
1	gstatic.com fonts.gstatic.com	36 KB
1	2mdn.net s0.2mdn.net	29 KB
1	google.de www.google.de	107 B
1	google.co.uk adservice.google.co.uk	799 B
1	googletagmanager.com www.googletagmanager.com	43 KB
73	16

	Domain	Requested by
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.bolivia.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	cdn.bolivia.com	www.bolivia.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.bolivia.com securepubads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com www.bolivia.com
4	www.google.com	1 redirects www.bolivia.com tpc.googlesyndication.com e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
3	e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	unpkg.com	2 redirects www.bolivia.com
3	www.bolivia.com	2 redirects
2	ad.doubleclick.net	1 redirects e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.jsdelivr.net	www.bolivia.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tpc.googlesyndication.com
1	s0.2mdn.net	e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
1	www.google.de	www.bolivia.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	ajax.googleapis.com	www.bolivia.com
1	www.googletagmanager.com	www.bolivia.com
73	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.interlatin.com
www.colombia.com
www.futbolargentino.com
www.futbolperuano.com
www.whatthegirl.com

Subject Issuer	Validity	Valid
*.bolivia.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-13` - `2021-05-13`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-26` - `2022-03-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
*.google.co.uk GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.bolivia.com/
Frame ID: 97E0BD8F4DA5B1C88B0EB02F07E64655
Requests: 35 HTTP requests in this frame

Frame: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 06A7658EBC13D4A63A06B5E5D1A877BA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQvPqfARj9_9WWATAB&v=APEucNWFV0TV-lrjoFc14AfDO6JHvk4iicyR95A0ArE_C8FwtPQujES61p2C3q1IS5dM4E8ARvjckQXYyrQOC2n_M4_rJA2qJ77RN5-QcfnTVZcPZwXRwwHicdFr0akPPADvP3ret6Rb2zH15trOsrrf37w1FlCVoYiEAIIc3Q1xM74Tzdf3Jg2MtB6wtrBA_U-ShX7PVefRwjhlOTlWrfovpgPt_t4wvg
Frame ID: 2440509279985C1ED3809D9E55791DC1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 9736C9CFA5E14244C1B2311F167C357B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 40EA66D0EA347E2DD0488DB58CCE6D8D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0BF2E0B7A14F2D2A4C4B79B8156AD6DA
Requests: 3 HTTP requests in this frame

Frame: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7A89B4736ACA6568F0DA86E84D4801F6
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html
Frame ID: 331FA8F3ADBEEE155099AACE916B4FC2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 77BA79863A62ED3F41F7903CFBD59C4D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.bolivia.com/Servicios/Plandenumeracion.pdf HTTP 301
https://www.bolivia.com/Servicios/Plandenumeracion.pdf HTTP 301
http://www.bolivia.com/ HTTP 307
https://www.bolivia.com/ Page URL

Page Statistics

73
Requests

100 %
HTTPS

71 %
IPv6

16
Domains

26
Subdomains

29
IPs

3
Countries

775 kB
Transfer

2074 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/wwwboliviacom

Search URL Search Domain Scan URL

URL: https://twitter.com/wwwboliviacom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bolivia_com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCJR48lUqCU8Sk5cLmW32RrQ/featured

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=yALpr8vEBKI
Title:

Search URL Search Domain Scan URL

URL: https://www.interlatin.com/
Title: Grupo interlatin

Search URL Search Domain Scan URL

URL: https://www.colombia.com/
Title: colombia.com

Search URL Search Domain Scan URL

URL: https://www.futbolargentino.com/
Title: futbolargentino.com

Search URL Search Domain Scan URL

URL: https://www.futbolperuano.com/
Title: futbolperuano.com

Search URL Search Domain Scan URL

URL: https://www.whatthegirl.com/
Title: whatthegirl.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bolivia.com/Servicios/Plandenumeracion.pdf HTTP 301
https://www.bolivia.com/Servicios/Plandenumeracion.pdf HTTP 301
http://www.bolivia.com/ HTTP 307
https://www.bolivia.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@1.1.1 HTTP 302
https://unpkg.com/web-vitals@1.1.1/dist/web-vitals.umd.js

Request Chain 40

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWIbydH15nFeXC8coUlBVA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWIbydH15nFeXC8coUlBVA&google_cver=1&C=1

Request Chain 41

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIgUmAciVVuLhWdktEwMmAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWIbydH15nFeXC8coUlBVA&google_cver=1

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELozDrJ6KTc2ZLzHLEhtdkw&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELozDrJ6KTc2ZLzHLEhtdkw%26google_cver%3D1

Request Chain 43

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyMzc1NjAzOTMyOTIxMzczOQ%3D%3D

Request Chain 60

https://ad.doubleclick.net/ddm/ad/N1030543.134426GOOGLEDISPLAYNETW/B22996847.251805934;sz=1x1;ord=1556504610;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/ad/N1030543.134426GOOGLEDISPLAYNETW/B22996847.251805934;dc_pre=CLeZjuLGnvACFTFR5QodX3UDJQ;sz=1x1;ord=1556504610;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 73

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

73 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bolivia.com/
Redirect Chain

http://www.bolivia.com/Servicios/Plandenumeracion.pdf
https://www.bolivia.com/Servicios/Plandenumeracion.pdf
http://www.bolivia.com/
https://www.bolivia.com/

224 KB
50 KB

94ms
94ms

Document
text/html

107.0.22.33
COMCAST-7015

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bolivia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.0.22.33 Colonial Heights, United States, ASN7015 (COMCAST-7015, US),

Reverse DNS

www.bolivia.com

Software

Interlatin / Interlatin

Resource Hash

10028592f6c99d3fefd4f2b8ba5603a0d9ebb95fa95ac3a438697d84ee7389a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Frame-Options	sameorigin

Request headers

:method: GET
:authority: www.bolivia.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: max-age=120
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Interlatin
x-aspnet-version: 4.0.30319
x-powered-by: Interlatin
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-frame-options: sameorigin
date: Tue, 27 Apr 2021 13:41:42 GMT
content-length: 51143

Redirect headers

Location: https://www.bolivia.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
24 KB 21ms
6ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: www.bolivia.com
URL: https://www.bolivia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.bolivia.com
Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 6619348
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 23906
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
x-served-by: cache-fra19153-FRA, cache-hhn4051-HHN
date: Tue, 27 Apr 2021 13:41:43 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 globales-0.0.4.min.css
cdn.bolivia.com/css/v2/ 29 KB
5 KB 31ms
7ms Stylesheet
text/css 34.117.63.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bolivia.com/css/v2/globales-0.0.4.min.css
Requested by: Host: www.bolivia.com
URL: https://www.bolivia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.63.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.63.117.34.bc.googleusercontent.com
Software: Interlatin /
Resource Hash: 5c3389dfcc1d2ec23bd679af5166909e8b8821e1bdaf33c3a9e02ee3f55d9761

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 05:55:29 GMT
content-encoding: br
last-modified: Fri, 16 Apr 2021 22:18:12 GMT
server: Interlatin
age: 373574
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: clear
content-length: 5100
via: 1.1 google

GET
H2 200 home-principal-0.0.1.min.css
cdn.bolivia.com/css/v2/ 48 KB
7 KB 31ms
7ms Stylesheet
text/css 34.117.63.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bolivia.com/css/v2/home-principal-0.0.1.min.css
Requested by: Host: www.bolivia.com
URL: https://www.bolivia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.63.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.63.117.34.bc.googleusercontent.com
Software: Interlatin /
Resource Hash: 9cbd36ac0948a1d1d771d830d73de05656ce5fffccc60c9ce50df9825614d991

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 12:40:29 GMT
content-encoding: br
last-modified: Fri, 26 Mar 2021 15:26:50 GMT
server: Interlatin
age: 262874
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: clear
content-length: 6800
via: 1.1 google

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 37ms
15ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bolivia.com
URL: https://www.bolivia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

9c74a639868d8c804dec10ee2afe8c23027fec28a0ce1e5cd3bdbaf466cec169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "854 / 485 of 1000 / last-modified: 1619521817"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21183
x-xss-protection: 0
expires: Tue, 27 Apr 2021 13:41:43 GMT

GET
H2 200 bol-900655.webp
cdn.bolivia.com/sdi/2021/03/15/ 18 KB
18 KB 7ms
7ms Image
image/webp 34.117.63.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bolivia.com/sdi/2021/03/15/bol-900655.webp
Requested by: Host: www.bolivia.com
URL: https://www.bolivia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.63.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.63.117.34.bc.googleusercontent.com
Software: Interlatin /
Resource Hash: d9d218658c279ec0ee43a77064f4a07ed2163340d65ab7f5e433557049be35bb

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:37:15 GMT
via: 1.1 google
last-modified: Mon, 15 Mar 2021 13:14:39 GMT
server: Interlatin
age: 83068
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: clear
content-length: 18138

GET
H2 200 previa-bahia-vs-guabira-copa-sudamericana-913107.webp
cdn.bolivia.com/sdi/2021/04/26/ 53 KB
53 KB 186ms
185ms Image
image/webp 34.117.63.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bolivia.com/sdi/2021/04/26/previa-bahia-vs-guabira-copa-sudamericana-913107.webp
Requested by: Host: www.bolivia.com
URL: https://www.bolivia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.63.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.63.117.34.bc.googleusercontent.com
Software: Interlatin /
Resource Hash: 904630ecf536962eac0e44b57af43439ea425216490cdd1d90cb4023072f96ad

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:41:43 GMT
via: 1.1 google
last-modified: Tue, 27 Apr 2021 13:34:18 GMT
server: Interlatin
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: clear
content-length: 54280

GET
H2 200 confirman-presencia-de-variante-britanica-en-el-pais-a-comienzos-de-la-tercera-ola-912952-0.webp
cdn.bolivia.com/sdi/2021/04/26/ 18 KB
18 KB 10ms
9ms Image
image/webp 34.117.63.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bolivia.com/sdi/2021/04/26/confirman-presencia-de-variante-britanica-en-el-pais-a-comienzos-de-la-tercera-ola-912952-0.webp
Requested by: Host: www.bolivia.com
URL: https://www.bolivia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.63.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.63.117.34.bc.googleusercontent.com
Software: Interlatin /
Resource Hash: 91a8c67062e36e2d2995b34008e366e73face07282c0148539790c732470e605

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 08:33:12 GMT
via: 1.1 google
last-modified: Mon, 26 Apr 2021 18:50:27 GMT
server: Interlatin
age: 18511
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: clear
content-length: 18016

GET
H2 200 horoscopo-27-abril-josie-diez-canseco-912897-0.webp
cdn.bolivia.com/sdi/2021/04/26/ 16 KB
16 KB 8ms
7ms Image
image/webp 34.117.63.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bolivia.com/sdi/2021/04/26/horoscopo-27-abril-josie-diez-canseco-912897-0.webp
Requested by: Host: www.bolivia.com
URL: https://www.bolivia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.63.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.63.117.34.bc.googleusercontent.com
Software: Interlatin /
Resource Hash: 71f0e0d6941556d25267192dbaa9cc2bb10ef2b6f777fa4808f59ef8cce80639

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 08:33:12 GMT
via: 1.1 google
last-modified: Mon, 26 Apr 2021 17:01:49 GMT
server: Interlatin
age: 18511
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: clear
content-length: 15886

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
43 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KX9225J

Requested by

Host: www.bolivia.com
URL: https://www.bolivia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7611a14d2363d16db72bc98fcee67e32e25d9e6fc23053fdc245496883ea66e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:41:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43920
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Apr 2021 13:41:43 GMT

GET
H2 200 pixel.png
cdn.bolivia.com/images/v2/lazy/ 924 B
1020 B 7ms
7ms Image
image/png 34.117.63.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bolivia.com/images/v2/lazy/pixel.png
Requested by: Host: www.bolivia.com
URL: https://www.bolivia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.63.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.63.117.34.bc.googleusercontent.com
Software: Interlatin /
Resource Hash: df8724625cbdbd17cbeb8ac446367cdb31742ce0f9a2a875ac2d685b4b3bba4f

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 18:45:54 GMT
via: 1.1 google
last-modified: Fri, 31 Jul 2020 22:09:49 GMT
server: Interlatin
age: 845749
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: clear
content-length: 924

GET
H3-29 200 pubads_impl_2021042601.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 29ms
15ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

98190df3dbe81118cde191895dfbe06c5f0793670108bdeadd4df4d02d532542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 08:39:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108658
x-xss-protection: 0
expires: Tue, 27 Apr 2021 13:41:43 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
30 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.bolivia.com
URL: https://www.bolivia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 10:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355392
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 10:58:31 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
21 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.bolivia.com
URL: https://www.bolivia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.bolivia.com
Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 6619346
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 21785
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
x-served-by: cache-fra19178-FRA, cache-hhn4051-HHN
date: Tue, 27 Apr 2021 13:41:43 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazysizes-custom-5.2.1.min.js Show response
cdn.bolivia.com/js/lazy/ 9 KB
4 KB 8ms
7ms Script
application/javascript 34.117.63.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bolivia.com/js/lazy/lazysizes-custom-5.2.1.min.js
Requested by: Host: www.bolivia.com
URL: https://www.bolivia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.63.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.63.117.34.bc.googleusercontent.com
Software: Interlatin /
Resource Hash: d1591a53904c56b367eaf2ae2270e3970c715b8e867e1a0c242934b1484f4051

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 17:46:23 GMT
content-encoding: br
last-modified: Fri, 29 May 2020 02:34:11 GMT
server: Interlatin
age: 590120
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: clear
content-length: 3851
via: 1.1 google

GET
H2 200 ls.video-embed2.min.js Show response
cdn.bolivia.com/js/lazy/plugins/video-embed/ 4 KB
2 KB 8ms
7ms Script
application/javascript 34.117.63.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bolivia.com/js/lazy/plugins/video-embed/ls.video-embed2.min.js
Requested by: Host: www.bolivia.com
URL: https://www.bolivia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.63.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.63.117.34.bc.googleusercontent.com
Software: Interlatin /
Resource Hash: cd37e2c1dae74d3b065f856d3736ea4bb3a7459ab2b2edf9bc61eac2c5e91fa0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 03:35:49 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 23:39:24 GMT
server: Interlatin
age: 36354
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: clear
content-length: 1581
via: 1.1 google

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KX9225J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1141
date: Tue, 27 Apr 2021 13:22:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 27 Apr 2021 15:22:42 GMT

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.1/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@1.1.1
https://unpkg.com/web-vitals@1.1.1/dist/web-vitals.umd.js

4 KB
2 KB

15ms
15ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.1/dist/web-vitals.umd.js

Requested by

Host: www.bolivia.com
URL: https://www.bolivia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3084336
vary: Accept-Encoding
cf-request-id: 09b52987a30000177e79bc0000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1061-Lg/hc9+R+8jAR7NYymzfENgFcZM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: cc0a70959a9cec0245ee5546f5155226
cache-control: public, max-age=31536000
cf-ray: 6468785298ef177e-FRA

Redirect headers

date: Tue, 27 Apr 2021 13:41:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 366940
vary: Accept, Accept-Encoding
cf-request-id: 09b52987830000177e959ff000000001
fly-request-id: 01F3YV2NRM0YW2MCZK9P2JBYK2
server: cloudflare
location: /web-vitals@1.1.1/dist/web-vitals.umd.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 646878526881177e-FRA

GET
DATA 200
OK truncated
/ 156 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=15183478&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bolivia.com%2F&ul=en-us&de=UTF-8&dt=Bolivia.com%20-%20Informaci%C3%B3n%20General%20de%20Bolivia%2C%20Noticias%2C%20Radio%2C%20F%C3%BAtbol%2C%20Cine%2C%20Turismo%2C%20Gastronom%C3%ADa%2C%20Entretenimiento%2C%20Tecnolog%C3%ADa%2C%20Vida%20Sana%2C%20y%20mucho%20m%C3%A1s&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1453641702&gjid=623490279&cid=315511519.1619530903&tid=UA-2646354-8&_gid=688764712.1619530903&_r=1&gtm=2wg4e1KX9225J&z=1635409016

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bolivia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.bolivia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 13:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bolivia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 13:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2646354-8&cid=315511519.1619530903&jid=1453641702&gjid=623490279&_gid=688764712.1619530903&_u=YEBAAAAAAAAAAC~&z=2144051480

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Apr 2021 13:41:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.bolivia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 412ms
411ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=811802813293647&correlator=3300851709125473&output=ldjh&impl=fif&eid=31060921&vrg=2021042601&ptt=17&sc=1&sfv=1-0-38&ecs=20210427&iu_parts=29027012%2Cbolivia_home_zocalo&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C320x50&fluid=height&cookie_enabled=1&bc=31&abxe=1&lmt=1619530903&dt=1619530903498&dlt=1619530902996&idt=468&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1110&adks=146412567&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bolivia.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=315511519.1619530903&ga_sid=1619530904&ga_hid=15183478&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8f2bb32bde396dd4611d5b232800bd78f4684620036567437e43cc0f5d8f310c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7206
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bolivia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 72ms
14ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
27 KB 890ms
890ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=811802813293647&correlator=3300851709125473&output=ldjh&impl=fif&eid=31060921&vrg=2021042601&ptt=17&sc=1&sfv=1-0-38&ecs=20210427&iu_parts=29027012%2Cbolivia_home_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250&fluid=height&cookie_enabled=1&bc=31&abxe=1&lmt=1619530903&dt=1619530903503&dlt=1619530902996&idt=468&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=176&adks=2115526124&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bolivia.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x250&msz=728x250&ga_vid=315511519.1619530903&ga_sid=1619530904&ga_hid=15183478&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

0d85fd38e02f4be36c1ba114d912d95b748143ae59d100afe4f3910cabb5ecd7

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPLV6-HGnvACFYfAEQgdj_YHLg&gqi=&layout=/sadbundle/%24csp%253Der3%24/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPLV6-HGnvACFYfAEQgdj_YHLg&gqi=&layout=/sadbundle/%24csp%253Der3%24/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27528
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 27 Apr 2021 13:41:44 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bolivia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2646354-8&cid=315511519.1619530903&jid=1453641702&_u=YEBAAAAAAAAAAC~&z=1601426698

Requested by

Host: www.bolivia.com
URL: https://www.bolivia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2646354-8&cid=315511519.1619530903&jid=1453641702&_u=YEBAAAAAAAAAAC~&z=1601426698

Requested by

Host: www.bolivia.com
URL: https://www.bolivia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 14ms
13ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=bolivia.com&host=www.bolivia.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 44ms
21ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e26e7dba9137103ab834d003e6eb1f924767a58d1047c29c9feb41fa5983da93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 13:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6921
x-xss-protection: 0

GET
H3-29 200 container.html Show response
e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 06A7 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bolivia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bolivia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 27 Apr 2021 13:41:43 GMT
expires: Wed, 27 Apr 2022 13:41:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188783439141"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Tue, 27 Apr 2021 13:41:43 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2440 624 B
591 B 16ms
16ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQvPqfARj9_9WWATAB&v=APEucNWFV0TV-lrjoFc14AfDO6JHvk4iicyR95A0ArE_C8FwtPQujES61p2C3q1IS5dM4E8ARvjckQXYyrQOC2n_M4_rJA2qJ77RN5-QcfnTVZcPZwXRwwHicdFr0akPPADvP3ret6Rb2zH15trOsrrf37w1FlCVoYiEAIIc3Q1xM74Tzdf3Jg2MtB6wtrBA_U-ShX7PVefRwjhlOTlWrfovpgPt_t4wvg

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMXlgQEQvPqfARj9_9WWATAB&v=APEucNWFV0TV-lrjoFc14AfDO6JHvk4iicyR95A0ArE_C8FwtPQujES61p2C3q1IS5dM4E8ARvjckQXYyrQOC2n_M4_rJA2qJ77RN5-QcfnTVZcPZwXRwwHicdFr0akPPADvP3ret6Rb2zH15trOsrrf37w1FlCVoYiEAIIc3Q1xM74Tzdf3Jg2MtB6wtrBA_U-ShX7PVefRwjhlOTlWrfovpgPt_t4wvg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 27 Apr 2021 13:41:43 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUn9r2sqVaIpUOj8bas4tBITIT0bmzjZR7UznezpnMIOKUo2Nr_aAMAPsFpe; expires=Sun, 22-May-2022 13:41:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 13:41:43 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 06A7 42 KB
20 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQ-eWKDITp5Yu5bA3VsyxkBYhvk0cm38Q3cnndctQ5DrETIA42bSIy4MpGL81f8FoTUX2QT2lgP4xiEHie5EQ6JSrzDpK9ytYqtx1DTdzK0HO5vst_sqIFgsMbzRxpQDXyJ3niJwB8Nt_krSNvvKzZ-hrT8g&dbm_d=AKAmf-At4n5vF4keYek5TTI8fnWgy_HzA0ArHJ8Bz4_CWG5QXAtxRdPZ0Wpjf2acZVXJ1IS3phMFm1F6cBd40RumfVJG0ycnh8-ZsTMCnuunIUUlKZ2ocynC3MboQW0s8lyjKeImWhDmGjnAvO2t5Df1dB5Wc6-CrUmik5RO3f7RYvoeejSslJYYneG_eT_b8iDrCHQuZ6BHNQ9vz8m1TWJxLNg2ZZ7tj1_oqF2ddKzg4e58B6w0KSQvnturpI6r538SGGwFct4JlF8uG_DpcjMM2cS0GzSLKLl5EiI51fVgGpPxB3mvVMj8T_kd8ZV8VAXkuJQAoScKRHTKdYLWQtQlIHKY0CW7XkrIhLr7fFFhVppKpzhznBb88cPoD8VJOjqYfhVfsH-lTyTOgugBlbpxhgBSQPaUMlnJ70HQ37d9ADtz6bbSNyGsgc7XNfMCdBnqYerDV727ItaGcFxDaGyduL2URCpiyBXf4gwodsDchcuWFe72wEfVAouKk3-iO3IG_w37DoKJ9iZB-_o8pqpmHmfgRt-Xz5Rdl74XjdFSyIUtDy1JC1O6CudzY6Kp52deTzhTvt0_71nEwXBaXy81k_IRiL5VbCnZSOHXVzHZzSSj78bOJaOJlrY792hbHipZiM3Cx0qLVGRr8MErti1eOdA2xpWQok7mzYTLRr-b5DXJNBhUeQqKdDflvj3svuI3Ji4hKufbVLcmDDUnFoPTZcgtyoao0BbsvzpBnoEVy6vr6h06a7DKYnP-aiaDFJ-7hXhvcalov8RdW1xfb_6A8CK9niJJcjzx0TlcXRFjgltsV8sT3PfLA61-B1JbuUFSsJ7arfoVhdQQv94ETmhEvAY0WdRPWe76BdEpKXRrNmiOrp2Zw-cfRayU43oZaS8fLAGDoKNmrvhSSSs6rUvRrFMQNHmTveoGf3hZ3HpxqvWJX4jB-FwZHLCxg4b3LY5bR1eZvpVnrsfi-wHhA8o1cB51JHZxOJ88L2DpdLTp9JBLo3Q465ciDnmwIhBHdlfY4M0JrBkmhTtuP_3LPBB6lBD5CMb7FCj5i0JXjOagtxMXzZPT77TYDAmfvqptglWaOF7hT4CsWb2VXywiDzh0OINzBcyUnioME6a4Rn1qiTgtHdbVc3GnjGnSZR60iMOj0Y_y7rZn6R32E8GtJZaY5qFMWGCzAseGzFzXjHHufe0xkCeTTdEoIscSuGMo8qCQoGK_wFf5XbbDXuI1107RC9CENuTTqr34IuvB1zYGB2cAuPCBC7GQzLx_D9ENrR9KcvmCXOniv_TCmXOqhYTDZnM9aiINS4pueVcw5hyQOX1SY0tE00vRoIIjaQthUtP8ofxAirOSROG5hvCNXQIpOQqBvjd67JJ0GKgfGuYHQhMc3dFCsCE9je5EhWOG7u84Eaw2bmIlI7t_kP67dhAPabTECP1YbFYNAMkGgoxRRXEWEAap5mIeHE8E4U2VMPiV684mz-UZSwFOK8REggiG6iWigzcutkakD3IpUkoId6-ILufMnpiz-9HbxNuR7G3D54yGvXiuiHmOQFHxNyH7gcST0-eLgzczcCOqfypGlsSwlRXWksgzIn9c9gMKqZjBYBwzkt1OUoeKQxiUMJzty3Fys0vUF0jCeDf1wKvrzrkiFflUhPzg8_So4Edb3Z81mzWbHFG-XLHQuTyyysEB-Z5LBl_f_Zt8N6BRDvpZ-pMjlJOQMQtS29w88DnttLlMnR1XpbCczg9h8trmQsK1K8LyXu-tD6EPCgceJbDzVHIV8lJPGOB1NCfbigFQToaH2lBsbi5vmHPHdYxFES9Orqyrw2ypPb04AJiC8v5fsc4veXLRhRwNjJ3xG9X8JvmMUnFdRZFY8rs1edtgRw3s-UobVyWD0iyh8DPLkn0R23Poy6jJC2wPXUqBwL9yq3K5FjrtYDdWwp5Mr0npCl2zK2m83H3Qi9Gu5LLAUOsarIuUDJcFX2WM-GjtZR6h0LVmUqRZ-ucO84Ftbkw9exOQ6wgbM3qdE8l0uZ9sAbpbUaH93brGmYz88BreRy72kWkTcJTY8vvaAh8OKB1nhfHyZXMrhnESf-6l4e-r-LBMD5NLh3z9p5kpJYZ1jgRGfGy65VVHHdxQgl39MeVlti5fYEP9R8JG7xCpPOzzfOitN1iRZtEXblLA4Pl-p_K4bOwi_lj-K-EVCnBiC0UN4I2FZ17rNsOrqfNK1qiOGyBf2G3Alz_kRx0XhfZczdnk61V5bEYTb2DGfWuNJpXwZM4j6ycV9XQcA_UEqykrUjAEmW1YwfU8KsyrA9a6tsbijC68aCigaHs8iMxvj493q-Z4juGErAo8pdQzecUTezm3BdoG4p3tSA8NbdkeZvsNrBRvDElDGky3Phvg3aHXmSHLyrHWoKLDnSSMX9epDwdRLsycnzOhRWjkcm90BhwC-o1-mLe10tw_s481JG3N_xJFmxZjsS4R4KMvpZHRcLk6_X-QZV7n551mCGDokRUQlXnpO0TZb50UgZkLbcpMY7ugWHes2nUukXSron_PP27H6tJ15XqhqSps5K2OlTYq9oI5dkOOzTUWiqalQDi6-G0TaXNlQxx-Q9UtNke4evuY45C8DMHGMVUGDwsyTXZ2g_9b-CVSgL86fiLjlc4w6hgUdzijqDBEhzOXU9NDaymf7CpmtanZ9FR8QpHJqQiX-qVX9FE9tlFSpeLyDkYDG9Q3bIMb2vrRr0T-HpkllUH5O_Y4fsh8NFGCJ80XERKq8aRQx3t8oUpagpJx0db89a-FP-AA5-Sk3IQbwqlVSLIxCs3sLWOsp7Ru_FVd3JXzz8iPOi6bLHPR79ab8dFDnAaoJUeNrVF0vxyuu37BfwUcrrgLzRf5dHhvCid_7pUFEckGoZusEKSz&cid=CAASPeRoXHBbkBLY-v8yt5WstLhg7_ZhuMPgTWplM6vdmvr0N4T3CrneU0L9gkDrCVZI59qjmHulIPCHEhbdOSU&rfl=1%2Chttps%253A%252F%252Fwww.bolivia.com%252F%240

Requested by

Host: www.bolivia.com
URL: https://www.bolivia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a90ad2ff616f0cf75134a1ed0ccbdade704822c11878a9e82165224553afa37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20385
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 06A7 42 B
63 B 45ms
44ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5DT5rXFbkFqnNDoI488m7DNjNt815SOzZfXYAGsLOyv4h1OEUqeABQBJWm5c_6p16W9XvFEwYTG4_RZH1bjklkT-EpyEyGM1mafkeoqmGZNXBp5E

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 06A7 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 13:40:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06A7 116 KB
35 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Tue, 27 Apr 2021 13:41:43 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 06A7 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:40:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 13:40:07 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 27 Apr 2021 13:41:44 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2440
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWIbydH15nFeXC8coUlBVA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWIbydH15nFeXC8coUlBVA&google_cver=1&C=1

43 B
1014 B

16ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWIbydH15nFeXC8coUlBVA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQvPqfARj9_9WWATAB&v=APEucNWFV0TV-lrjoFc14AfDO6JHvk4iicyR95A0ArE_C8FwtPQujES61p2C3q1IS5dM4E8ARvjckQXYyrQOC2n_M4_rJA2qJ77RN5-QcfnTVZcPZwXRwwHicdFr0akPPADvP3ret6Rb2zH15trOsrrf37w1FlCVoYiEAIIc3Q1xM74Tzdf3Jg2MtB6wtrBA_U-ShX7PVefRwjhlOTlWrfovpgPt_t4wvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 13:41:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 27 Apr 2021 13:41:44 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 13:41:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWIbydH15nFeXC8coUlBVA&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 27 Apr 2021 13:41:44 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2440
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIgUmAciVVuLhWdktEwMmAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWIbydH15nFeXC8coUlBVA&google_cver=1

43 B
894 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWIbydH15nFeXC8coUlBVA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQvPqfARj9_9WWATAB&v=APEucNWFV0TV-lrjoFc14AfDO6JHvk4iicyR95A0ArE_C8FwtPQujES61p2C3q1IS5dM4E8ARvjckQXYyrQOC2n_M4_rJA2qJ77RN5-QcfnTVZcPZwXRwwHicdFr0akPPADvP3ret6Rb2zH15trOsrrf37w1FlCVoYiEAIIc3Q1xM74Tzdf3Jg2MtB6wtrBA_U-ShX7PVefRwjhlOTlWrfovpgPt_t4wvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 13:41:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 27 Apr 2021 13:41:44 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWIbydH15nFeXC8coUlBVA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 2440
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELozDrJ6KTc2ZLzHLEhtdkw&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELozDrJ6KTc2ZLzHLEhtdkw%26google_cver%3D1

43 B
1 KB

8ms
8ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELozDrJ6KTc2ZLzHLEhtdkw%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQvPqfARj9_9WWATAB&v=APEucNWFV0TV-lrjoFc14AfDO6JHvk4iicyR95A0ArE_C8FwtPQujES61p2C3q1IS5dM4E8ARvjckQXYyrQOC2n_M4_rJA2qJ77RN5-QcfnTVZcPZwXRwwHicdFr0akPPADvP3ret6Rb2zH15trOsrrf37w1FlCVoYiEAIIc3Q1xM74Tzdf3Jg2MtB6wtrBA_U-ShX7PVefRwjhlOTlWrfovpgPt_t4wvg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 13:41:44 GMT
X-Proxy-Origin: 159.48.53.217; 159.48.53.217; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.154:80
AN-X-Request-Uuid: 3475d7f7-bda4-4917-94df-b8e899db13d1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 13:41:44 GMT
X-Proxy-Origin: 159.48.53.217; 159.48.53.217; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid: 6a08e408-a0bf-42d2-959e-1eadec8bf0fa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELozDrJ6KTc2ZLzHLEhtdkw%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2440
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyMzc1NjAzOTMyOTIxMzczOQ%3D%3D

170 B
188 B

16ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyMzc1NjAzOTMyOTIxMzczOQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 13:41:44 GMT
X-Proxy-Origin: 159.48.53.217; 159.48.53.217; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.237:80
AN-X-Request-Uuid: b6222332-cf96-4db8-8b27-f954782d1829
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyMzc1NjAzOTMyOTIxMzczOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 06A7 22 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQ-eWKDITp5Yu5bA3VsyxkBYhvk0cm38Q3cnndctQ5DrETIA42bSIy4MpGL81f8FoTUX2QT2lgP4xiEHie5EQ6JSrzDpK9ytYqtx1DTdzK0HO5vst_sqIFgsMbzRxpQDXyJ3niJwB8Nt_krSNvvKzZ-hrT8g&dbm_d=AKAmf-At4n5vF4keYek5TTI8fnWgy_HzA0ArHJ8Bz4_CWG5QXAtxRdPZ0Wpjf2acZVXJ1IS3phMFm1F6cBd40RumfVJG0ycnh8-ZsTMCnuunIUUlKZ2ocynC3MboQW0s8lyjKeImWhDmGjnAvO2t5Df1dB5Wc6-CrUmik5RO3f7RYvoeejSslJYYneG_eT_b8iDrCHQuZ6BHNQ9vz8m1TWJxLNg2ZZ7tj1_oqF2ddKzg4e58B6w0KSQvnturpI6r538SGGwFct4JlF8uG_DpcjMM2cS0GzSLKLl5EiI51fVgGpPxB3mvVMj8T_kd8ZV8VAXkuJQAoScKRHTKdYLWQtQlIHKY0CW7XkrIhLr7fFFhVppKpzhznBb88cPoD8VJOjqYfhVfsH-lTyTOgugBlbpxhgBSQPaUMlnJ70HQ37d9ADtz6bbSNyGsgc7XNfMCdBnqYerDV727ItaGcFxDaGyduL2URCpiyBXf4gwodsDchcuWFe72wEfVAouKk3-iO3IG_w37DoKJ9iZB-_o8pqpmHmfgRt-Xz5Rdl74XjdFSyIUtDy1JC1O6CudzY6Kp52deTzhTvt0_71nEwXBaXy81k_IRiL5VbCnZSOHXVzHZzSSj78bOJaOJlrY792hbHipZiM3Cx0qLVGRr8MErti1eOdA2xpWQok7mzYTLRr-b5DXJNBhUeQqKdDflvj3svuI3Ji4hKufbVLcmDDUnFoPTZcgtyoao0BbsvzpBnoEVy6vr6h06a7DKYnP-aiaDFJ-7hXhvcalov8RdW1xfb_6A8CK9niJJcjzx0TlcXRFjgltsV8sT3PfLA61-B1JbuUFSsJ7arfoVhdQQv94ETmhEvAY0WdRPWe76BdEpKXRrNmiOrp2Zw-cfRayU43oZaS8fLAGDoKNmrvhSSSs6rUvRrFMQNHmTveoGf3hZ3HpxqvWJX4jB-FwZHLCxg4b3LY5bR1eZvpVnrsfi-wHhA8o1cB51JHZxOJ88L2DpdLTp9JBLo3Q465ciDnmwIhBHdlfY4M0JrBkmhTtuP_3LPBB6lBD5CMb7FCj5i0JXjOagtxMXzZPT77TYDAmfvqptglWaOF7hT4CsWb2VXywiDzh0OINzBcyUnioME6a4Rn1qiTgtHdbVc3GnjGnSZR60iMOj0Y_y7rZn6R32E8GtJZaY5qFMWGCzAseGzFzXjHHufe0xkCeTTdEoIscSuGMo8qCQoGK_wFf5XbbDXuI1107RC9CENuTTqr34IuvB1zYGB2cAuPCBC7GQzLx_D9ENrR9KcvmCXOniv_TCmXOqhYTDZnM9aiINS4pueVcw5hyQOX1SY0tE00vRoIIjaQthUtP8ofxAirOSROG5hvCNXQIpOQqBvjd67JJ0GKgfGuYHQhMc3dFCsCE9je5EhWOG7u84Eaw2bmIlI7t_kP67dhAPabTECP1YbFYNAMkGgoxRRXEWEAap5mIeHE8E4U2VMPiV684mz-UZSwFOK8REggiG6iWigzcutkakD3IpUkoId6-ILufMnpiz-9HbxNuR7G3D54yGvXiuiHmOQFHxNyH7gcST0-eLgzczcCOqfypGlsSwlRXWksgzIn9c9gMKqZjBYBwzkt1OUoeKQxiUMJzty3Fys0vUF0jCeDf1wKvrzrkiFflUhPzg8_So4Edb3Z81mzWbHFG-XLHQuTyyysEB-Z5LBl_f_Zt8N6BRDvpZ-pMjlJOQMQtS29w88DnttLlMnR1XpbCczg9h8trmQsK1K8LyXu-tD6EPCgceJbDzVHIV8lJPGOB1NCfbigFQToaH2lBsbi5vmHPHdYxFES9Orqyrw2ypPb04AJiC8v5fsc4veXLRhRwNjJ3xG9X8JvmMUnFdRZFY8rs1edtgRw3s-UobVyWD0iyh8DPLkn0R23Poy6jJC2wPXUqBwL9yq3K5FjrtYDdWwp5Mr0npCl2zK2m83H3Qi9Gu5LLAUOsarIuUDJcFX2WM-GjtZR6h0LVmUqRZ-ucO84Ftbkw9exOQ6wgbM3qdE8l0uZ9sAbpbUaH93brGmYz88BreRy72kWkTcJTY8vvaAh8OKB1nhfHyZXMrhnESf-6l4e-r-LBMD5NLh3z9p5kpJYZ1jgRGfGy65VVHHdxQgl39MeVlti5fYEP9R8JG7xCpPOzzfOitN1iRZtEXblLA4Pl-p_K4bOwi_lj-K-EVCnBiC0UN4I2FZ17rNsOrqfNK1qiOGyBf2G3Alz_kRx0XhfZczdnk61V5bEYTb2DGfWuNJpXwZM4j6ycV9XQcA_UEqykrUjAEmW1YwfU8KsyrA9a6tsbijC68aCigaHs8iMxvj493q-Z4juGErAo8pdQzecUTezm3BdoG4p3tSA8NbdkeZvsNrBRvDElDGky3Phvg3aHXmSHLyrHWoKLDnSSMX9epDwdRLsycnzOhRWjkcm90BhwC-o1-mLe10tw_s481JG3N_xJFmxZjsS4R4KMvpZHRcLk6_X-QZV7n551mCGDokRUQlXnpO0TZb50UgZkLbcpMY7ugWHes2nUukXSron_PP27H6tJ15XqhqSps5K2OlTYq9oI5dkOOzTUWiqalQDi6-G0TaXNlQxx-Q9UtNke4evuY45C8DMHGMVUGDwsyTXZ2g_9b-CVSgL86fiLjlc4w6hgUdzijqDBEhzOXU9NDaymf7CpmtanZ9FR8QpHJqQiX-qVX9FE9tlFSpeLyDkYDG9Q3bIMb2vrRr0T-HpkllUH5O_Y4fsh8NFGCJ80XERKq8aRQx3t8oUpagpJx0db89a-FP-AA5-Sk3IQbwqlVSLIxCs3sLWOsp7Ru_FVd3JXzz8iPOi6bLHPR79ab8dFDnAaoJUeNrVF0vxyuu37BfwUcrrgLzRf5dHhvCid_7pUFEckGoZusEKSz&cid=CAASPeRoXHBbkBLY-v8yt5WstLhg7_ZhuMPgTWplM6vdmvr0N4T3CrneU0L9gkDrCVZI59qjmHulIPCHEhbdOSU&rfl=1%2Chttps%253A%252F%252Fwww.bolivia.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8a2b3462c740c8347f2e5db24143b43e7cfd0adfae2f65f3ae30254985a300e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 8606185217770904955
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 13:37:50 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/ Frame 06A7 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 13:38:13 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 06A7 0
575 B 45ms
23ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFP8PAafAUMPPozCGGbFxfyDP7k7TuYirS2aNV3F_tuisaz4AODNBPKAI1G_WuXqZohLj16_yxfd6C6yLKbyhJT-OyLb3FHWZPM8M-2cOhrjKku75VU__kosEuehfOl4MvdOEM6wbBACBoAlcbTCw_bmWCFVDQIc9LqRaX61DD1-HfSqfBwHysxqJw1mkxo5h8yT3clUS92QIq7R2SByYYrM5cymPdHWZhA2bX_iJwap2e-gD1H4CztPoFuRTDDJkaWYB_e6-n8iXz2A6TL_zZOPTP3AS3b_k8uruDkUsFOfJvKBhMYUdao6wmc11odZ8XjxVpZLHBbc2Rs04ac1l9p8U6VLch_wEJjx50eVCzxLNap2KCK2L0Y1KHmUZ7uGPdFKu67kYk0ihhVVfXBHEzPSIELox0nHjkwquozYADRDfwnMFfseay7RAe_qnDyxRFgeqTVMlanieyahGeXp79OqNl3-0Io5w6MTPO1kY2-CgoC-XFQRXQMQJLv53jMecJt797t0fTAaQ6vYAMEQQ11kzI99TAii5Px-HcSU6qCfXlUSfUuOET9_ruHJRabTuFiuRJKMdAQLwHJoHgj6apJZUdwie6zIsJuuRsuDid1Lucu6WC-CHVNaXNlYxnXL0AtBml0j8vd1zeF5HcFD-vjR0Jh-7btDBA3brqC6q2ADY0C048MuiYRylrxaey-4h2f2bT3hxp04FClXSLH3W8HxpNCZrpkcGyq2p6Eetn2kgW9QEGLCfE57HhTMFXGKLCThJvpuOc5M-9ijdWgbGFGTEeZVktMZV9LHxk8j8dSVitpwnOh4uV0Jdw2J7-tfisERp8tDw4jx_FGrXlyhEHZ4XP3BFhWp2rey0vphDWLOa2w3PCMsS4gN1TdfXBb9-xHsIIaR5g2jY1aOPYgW6jfARF5XAQB_eJQHRxUUOBgJ9qPJNxvSpc-3knTU5Rh0zRbOuIRbW-fMb6O0nEUCz6gRbqnJzb1DP3PNjQYUEcMbG6upmedBXFQJ5tSCj_StFfxTrlcNGVVgxMc6eAwlUhdn59WKnWEw8rV9VhUVMGTS1SnL6ifVqeGO83XNvlh5hr01LYvYpjGlE6X5HekgKxFYpYxyTKyWtxzbhvW20FzT_sxVU_DwVAX4mNVPcWMoZyGWM7b_YyjHeNUS8BkjLNrg&sai=AMfl-YSbR7dJcv9KuE8EEK_eP3GgZJseDS4Knw3-7F_YxKvBkVNQKN2vQRkYyp_UJsx4lV4tcAMxCtz0ykYb-cXGDDRuZhxdllm5eyTJeuMK9d_3F3kEBRnnSxbLwXwmf3dGP1ZdOTpz8Iex-kCfA147YOmWgSrQOWRPMtvepFQ17BFI8VwiVS_fO-IbrXO8zKH51zeQ5E5iR0BHXvbhqbi8bnIAnqdC4ITdrYA1myDYS70PWxeDeoK4PnQ_9hnrnSphIw&sig=Cg0ArKJSzPdnvJIDGiLfEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210422.45406&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 27 Apr 2021 13:41:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 06A7 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 08:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17908
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 08:43:16 GMT

GET
H2 200 UK_SP_M2_GDN_728x90.png
s0.2mdn.net/8263337/ Frame 06A7 29 KB
29 KB 31ms
7ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8263337/UK_SP_M2_GDN_728x90.png

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38f1579b533a3b5a677c95c035ce91bfe1fb8da115e782e133eb61263f441374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 12:22:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 15:13:29 GMT
server: sffe
age: 4736
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29806
x-xss-protection: 0
expires: Wed, 28 Apr 2021 12:22:48 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 9736 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bolivia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bolivia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 27 Apr 2021 13:24:54 GMT
expires: Wed, 27 Apr 2022 13:24:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1010
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 40EA 783 B
532 B 17ms
16ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

435715a56014515cd0e7838f8b2c7c5bb680a18fa7db25bd59501b217e9ba05a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4vGD8LPz7tgP0r23gdeDUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bolivia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bolivia.com/

Response headers

expires: Tue, 27 Apr 2021 13:41:44 GMT
date: Tue, 27 Apr 2021 13:41:44 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4vGD8LPz7tgP0r23gdeDUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0BF2 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 26 Apr 2021 18:42:28 GMT
expires: Tue, 26 Apr 2022 18:42:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 68356
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 06A7 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8a29a2ce68fb1993d1552fadd69daf070a093ce1fb60157e2d7ee42fe13e001

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 06A7 0
23 B 31ms
17ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 13:41:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BF2 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 10:03:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 13095
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Wed, 27 Apr 2022 10:03:29 GMT

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9736 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 10:03:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 13095
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Wed, 27 Apr 2022 10:03:29 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BF2 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B83j7lxSIYIrnO76LjuwP36ym2AQAAAAAOAHgBAI&bg=!kZKlktbNAAZUuIlwVLg7ACkAdvg8WgmIDsKSM5tCoM5dfkFSxjOBB30LUC9_7N_aZWAEBYchvXjHfwIAAACSUgAAABRoAQcKAL1LPmIZCVW_uwKyHeSnTylc12b4T8uiqpEpzBrLyg7X5o7VFQu4K-aPq1vP8ouC_UHMGDm62YbgfvTYKImf30LvzcJZpAtCGaCkcTxWbAdSvyBA_CFjotLKQy4aOUfdCFPGBL2o7wo_oGXISsJrZoWkgrPeQUZT7VVamSEiJLOcg9AqpJwZ3GA-Ehurk6BRzw1kf3H09AB237J8CBZI9psfh5wp22S1lk9dheG1BDERKrOX8pjX8MyERY7AuaSZAm3yLbmKo73RGCr4xW_FkAGd1SG0XqVSyuWxMqT8NflC_XMSB4P_QDTgiMjFjB4mbjBNNg4CQmXYUPYkJmgF2oMRJuqwQqKiPyAnfoUR4lOYg-KB9vQsE1BMeIPDC1ahsd8AMzjw7g1qVztZsuu6D30-6spdNM5dSs1aJjWIbfZcqncmA4JxBVVAfyG0AlW2WOZS9N80lCRfjjUrcSheXaK1ltvb-FtvoT4R08PJVvWLs55ItTAq4SRluwEb5TaEt8XOKz0LQe0-H5btIHiiFjKNmD7vmjSdN17H8JXnEL8nXpb80Xw9NJqlqkzYSzZ3u6XLKwq6YATJSGtkTN1GHWWz5ofHIMrtpwX9zIzq1QMZHOUP-q0aKYQavtfoqqGs9j2NM01v8zVas-aAB6fngu5QR1HK6VAmQe0mm1ilEMOtQmzUDUWZ7YnCQerkMxFdqrDBeIX1ErW42_Y1egcgJ-WydlQx-S8ZpFuqbbcjA0SATCc_wdo0Bnodau6p01ieKQhryCDoO_xwAdf-ECWcKI0mLkeekB3FbTJsIHsEgETq0Ro5xG_bPxt9CtUb5nBiGJYYeeVG7anVoF1Ki3Rmg1zL5lOR_hISpkgQS3YWRSPbY24dDXmZJ3sNVMfPejblmHecF3E7c1W6dajp_VKOLJWd-SUJ0oxx-ETCZa8FrPnn9ygdQ6qh3t6aRSfHdO0NpABEaulUP0ALW2b1m_7EJOuz02lB0sRUvVUVGJaxQ-tN6wopVV1LO__1pSmyAkVZSGcPrCqLfozA3IM4celNNS5bhqW3SKNLYMf5u0XUW4VrqN4gsY_D_AEXRm1FVCw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042601&jk=811802813293647&bg=!29il2JzNAAZUuIlwVLg7ACkAdvg8WhapDCOtRLOQGEcQdQhrzQ1ZWk29XoE_K-cWbRPL_QK8aij1UgIAAACcUgAAAA1oAQcKAN_g6PL8X-UZ68AYSvJITS-yl3wovN4_Wkh6XtepfRKoN2SP8ZPc7d_5EDYyzGLrUT9ww40NeZyOujV_LMpsmtABgGUV5vqxekaoy6Mk5zfAkTlsW2AgQUfLOS4lZW2dKLOF6Sa8y9dipJTxCqil50rlpaHdfoNpyoziaLdXDEged9JyU-wFsFIYY8jbaONP4LUOVoGo9QzQE-LAfD_t3fOjzU5jlMynRblISiFagn2WbcxLt0DhNCS-m84EU8tsfGkzB47O0vtNpi-nn_MKgaWWpj3E7xCvHbVro8KzGOL8mQIq6CdIiNvRcKWKBXd9HYpcmO3HiJhwiH_jChR_EYFea6UVzLAMkl9ewyS3J4EHH5YvqpVy8Qiqz00horURjBK9NxrGoTgy0PtylbT8VHXUGNT33qfDWB5ibuuUZtWh-NmLzkFpdOsX6ZQtuX0ZsfIfKjEahroy5IjzcmLzfqtkCVMMH7rJ4NuRluryeJOmUqIh0QCl2-jyhTS_OhoU06TW3FxVANGkdLh8yn-FzwLAq6EAoxE4Woct8-v-WsFz1MfjcAtt5pvFSP1Wg7ibKsPMHUHUdr-Vj6riSsFYhjTk0E-vVgRXWGz7oOvxjOL4z6a2OkJJn87Bc_ooV61jcMvy5yyYBTY5Ca3Fo14uL5Z597vxnSNekkFeZRY7IJCYr_v_9DZhHojeJ_44bghpt64rrprdkaKuByubmp4JlLuyi86BOKN74HIs4DXciDEqXsu1en4R-nQUi3NiXHQaCiYH0kfk916Lmjcz95UEV7t68cyO3WrfQmg2yo7in0um5qEGWpFQUSBWtbpTvJ5Rq8hfbDPELNjx1T8_CJ5yNANrykz-Z5yfFk6IVFG_W_fN-zZhGoLTToR2fobmDxFEG59QgJWUxX8hx-VLpe75eq7wNezFhGljufMA1AfzKlFdpooIL2wVX7Abs4zK552mr4nskkbmg01yNaVJUXvDh-pLs7ZXLYc4sxuISaCknugrfxgFtFNAp7G6MKmBt0sfQlX6CT-0yLKbUNMo8WI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolivia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7A89 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bolivia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bolivia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 27 Apr 2021 13:41:43 GMT
expires: Wed, 27 Apr 2022 13:41:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Car-Finance_970x250-duration.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7877640304196097585/Car-Finance_970x250-duration.html/ Frame 331F 29 KB
7 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html

Requested by

Host: www.bolivia.com
URL: https://www.bolivia.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90056977dcb412097b44502bc6d9898bb49c9d989df58ebf557fcb22edf39d0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 22 Apr 2021 08:43:26 GMT
expires: Fri, 22 Apr 2022 08:43:26 GMT
last-modified: Wed, 21 Apr 2021 14:29:57 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 7587
age: 449898
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

B22996847.251805934;dc_pre=CLeZjuLGnvACFTFR5QodX3UDJQ;sz=1x1;ord=1556504610;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= Show response
ad.doubleclick.net/ddm/ad/N1030543.134426GOOGLEDISPLAYNETW/ Frame 7A89
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N1030543.134426GOOGLEDISPLAYNETW/B22996847.251805934;sz=1x1;ord=1556504610;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/ad/N1030543.134426GOOGLEDISPLAYNETW/B22996847.251805934;dc_pre=CLeZjuLGnvACFTFR5QodX3UDJQ;sz=1x1;ord=1556504610;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

43 B
64 B

38ms
37ms

Fetch
image/gif

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/ad/N1030543.134426GOOGLEDISPLAYNETW/B22996847.251805934;dc_pre=CLeZjuLGnvACFTFR5QodX3UDJQ;sz=1x1;ord=1556504610;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/ad/N1030543.134426GOOGLEDISPLAYNETW/B22996847.251805934;dc_pre=CLeZjuLGnvACFTFR5QodX3UDJQ;sz=1x1;ord=1556504610;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7A89 0
0 46ms
46ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfusrlxSIYLKuN4eBx_APj-2f8AKfie68Yv72q-PSDdvqy7XTDBABIPT0tilguwagAaP6hMkDyAEJqQJ--pdsKUu3PuACAKgDAcgDCKoE1gFP0F9GhMFBoqS8uJT29TWJqWXURRTEgqBnfdhl5W5j4z-Ck4BghFJO-QGUP5rN5-6FeKPUjZLRRbd4Vm8oxWNPaeVsfSyXZU8XtIvml5tBv_eBH2uk2EBAsADv1ZZyl91437iRVWTfoLBs3TNSIa0QuXE9C0Ke9wcDlJdrSW4q7UXwwHxemsLorc9lLjHWHZHcIlVO9HTmRmjkvs36IZdJ2J5VLq4OW_CiPu1JmPG-4v1o_0bJQLXtwYIPqWvAi8ngEMaWfvzIi4K1TK3_9bUHVMRkhgcIwASciOq1nALgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxYX7NqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCF7hTSCAkIgOGAUBABGB2ACgPICwHYEwyYFgGyFxoKGAgAEhRwdWItMTE2NDI0NDI2ODI2MTA0OQ&sigh=BvPCxLq395I&template_id=419
Requested by: Host: www.bolivia.com
URL: https://www.bolivia.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 7A89 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 13:38:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 7A89 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 13:40:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A89 116 KB
35 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Tue, 27 Apr 2021 13:41:44 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 7A89 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:40:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 13:40:07 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7A89 0
0 14ms
13ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOoxghkbHrd8L1S6fyUh_XkbR31eeQ71b9RIU2Hxf6M9wzzSkf7L4J56hRSLi5g0th9oyT
Requested by: Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 331F 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 27 Apr 2021 23:34:05 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 331F 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 27 Apr 2021 23:11:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 331F 3 KB
608 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:400,500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7877640304196097585/Car-Finance_970x250-duration.html/Car-Finance_970x250-duration.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7971bffa44c1c86543b6747b7ac333564decf57d2696acb1f939e521bb49f766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 13:26:33 GMT
server: ESF
date: Tue, 27 Apr 2021 13:41:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Apr 2021 13:41:44 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77BA 143 B
163 B 9ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmTLFpjVfP0zqmvmHhucDTfuVEMlZ07L2rbgcOMjJOFqYBnOujhP4P-qNvGbyY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 27 Apr 2021 13:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 745
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7A89 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16ccd95fa7613969ba3dbedbada1f19f81b89c577d3893a61ec05eff693469c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v12/ Frame 331F 36 KB
36 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v12/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624c3c616d2fbd2543d257871c9611f33a2b828603c3bc9a8fd32b57db733e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 04:51:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:48:29 GMT
server: sffe
age: 204590
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36444
x-xss-protection: 0
expires: Mon, 25 Apr 2022 04:51:54 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77BA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
URL: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmTLFpjVfP0zqmvmHhucDTfuVEMlZ07L2rbgcOMjJOFqYBnOujhP4P-qNvGbyY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Apr 2021 13:41:44 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 27-Apr-2021 14:41:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 13:41:44 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Apr 2021 13:41:44 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 06A7 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssT1F7ojKcIbUH6-WqYNQyn9G_k8UzrEa2wo6Kb432JIvIgDWapDJwkIRbnfv5HQv4KuMoHM7fAaWDDI3_bJD7uq03Eui-XoS2vfGU-kr9uWBTLNGSqYETR7Uq7Sg&sai=AMfl-YS2cAbUf0h2SbIMck4SOmeq6npP5bq9isGa1aLijMSFJr090-rC-SbzvoYOKGwPj7in3pLQ7Q0MuE95U5ADxUmXMNu7JoGe0iBIuqxEy5QMJ0o4osyVi2kZfasqOgo&sig=Cg0ArKJSzFN4mCzSKS7hEAE&cid=CAASPeRoXHBbkBLY-v8yt5WstLhg7_ZhuMPgTWplM6vdmvr0N4T3CrneU0L9gkDrCVZI59qjmHulIPCHEhbdOSU&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=146412567&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619530903941&dlt=17&rpt=151&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7A89 42 B
501 B 36ms
17ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGIgNbNkaOzdRmjjcKmrbymlA8fP_fUGTD6qBhCmWfah9v3ZxPfm2Gew44ZE_IlaQZdzjdW62GsDFjrEhcUTcIct1HVQGOSu9hshKjJa3WxEzAQptoxR1LEsOiNA&sai=AMfl-YRKnBgcL_6f333PukN81xVDoYdbfJGCxx5FzwdWqRKIY0Ce1LLwVRMgnF0EvxTxNwRBBrhgsetHbzBAglG9Govo9BsD4wW3eTOEt_kV7GxAnSNDJpo5UFVMG3UERajc&sig=Cg0ArKJSzAdFxuRpvQppEAE&cid=CAASPeRoYZ5Sut3Gqg9y6F3jvLo_2hljEijesf98D2EBAHupeajmGpIYZZz8WHqnDUYoMYfVenrv3YrTdOsOMmo&id=lidar2&mcvt=1000&p=176,315,426,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2115526124&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619530904409&dlt=10&rpt=2&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 13:41:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bolivia.com/	1970-01-19 17:52:10	Name: _gat_UA-2646354-8 Value: 1
.bolivia.com/	1970-01-19 17:53:37	Name: _gid Value: GA1.2.688764712.1619530903
.bolivia.com/	1970-01-20 11:23:22	Name: _ga Value: GA1.2.315511519.1619530903

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
cdn.bolivia.com
cdn.jsdelivr.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
e1feaa9ab2038c3625d11339a5d4973f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
www.bolivia.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
107.0.22.33
142.250.185.102
142.250.185.130
142.250.185.98
2.18.234.21
216.58.212.130
2606:4700::6810:7eaf
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2006
2a00:1450:4001:803::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:400c:c0c::9b
2a04:4e42:1b::621
34.117.63.36
37.252.172.37
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d85fd38e02f4be36c1ba114d912d95b748143ae59d100afe4f3910cabb5ecd7
10028592f6c99d3fefd4f2b8ba5603a0d9ebb95fa95ac3a438697d84ee7389a0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16ccd95fa7613969ba3dbedbada1f19f81b89c577d3893a61ec05eff693469c6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a90ad2ff616f0cf75134a1ed0ccbdade704822c11878a9e82165224553afa37
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
38f1579b533a3b5a677c95c035ce91bfe1fb8da115e782e133eb61263f441374
435715a56014515cd0e7838f8b2c7c5bb680a18fa7db25bd59501b217e9ba05a
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4a624c3c616d2fbd2543d257871c9611f33a2b828603c3bc9a8fd32b57db733e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5c3389dfcc1d2ec23bd679af5166909e8b8821e1bdaf33c3a9e02ee3f55d9761
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b
71f0e0d6941556d25267192dbaa9cc2bb10ef2b6f777fa4808f59ef8cce80639
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7611a14d2363d16db72bc98fcee67e32e25d9e6fc23053fdc245496883ea66e8
7971bffa44c1c86543b6747b7ac333564decf57d2696acb1f939e521bb49f766
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8f2bb32bde396dd4611d5b232800bd78f4684620036567437e43cc0f5d8f310c
904630ecf536962eac0e44b57af43439ea425216490cdd1d90cb4023072f96ad
91a8c67062e36e2d2995b34008e366e73face07282c0148539790c732470e605
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
98190df3dbe81118cde191895dfbe06c5f0793670108bdeadd4df4d02d532542
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9c74a639868d8c804dec10ee2afe8c23027fec28a0ce1e5cd3bdbaf466cec169
9cbd36ac0948a1d1d771d830d73de05656ce5fffccc60c9ce50df9825614d991
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8a2b3462c740c8347f2e5db24143b43e7cfd0adfae2f65f3ae30254985a300e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c90056977dcb412097b44502bc6d9898bb49c9d989df58ebf557fcb22edf39d0
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71
cd37e2c1dae74d3b065f856d3736ea4bb3a7459ab2b2edf9bc61eac2c5e91fa0
d1591a53904c56b367eaf2ae2270e3970c715b8e867e1a0c242934b1484f4051
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
d8a29a2ce68fb1993d1552fadd69daf070a093ce1fb60157e2d7ee42fe13e001
d9d218658c279ec0ee43a77064f4a07ed2163340d65ab7f5e433557049be35bb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df8724625cbdbd17cbeb8ac446367cdb31742ce0f9a2a875ac2d685b4b3bba4f
e26e7dba9137103ab834d003e6eb1f924767a58d1047c29c9feb41fa5983da93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.bolivia.com Open in urlscan Pro 107.0.22.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

73 Requests

100 %HTTPS

71 %IPv6

16 Domains

26 Subdomains

29 IPs

3 Countries

775 kBTransfer

2074 kBSize

3 Cookies

10 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bolivia.com Open in urlscan Pro
107.0.22.33 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

100 %
HTTPS

71 %
IPv6

16
Domains

26
Subdomains

29
IPs

3
Countries

775 kB
Transfer

2074 kB
Size

3
Cookies

73 HTTP transactions
4 data transactions