urlscan.io logo urlscan.io
SecurityTrails logo

pt.gastromium.com Open in urlscan Pro
2a06:98c1:3121::7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pt.gastromium.com/
Effective URL: https://pt.gastromium.com/
Submission: On April 20 via manual from PT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 5 countries across 18 domains to perform 101 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is pt.gastromium.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 8th 2021. Valid for: a year.
This is the only time pt.gastromium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:215... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 142.250.185.66 15169 (GOOGLE)
1 3 37.157.4.40 198622 (ADFORM)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 145.40.89.200 54825 (PACKET)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 37.157.2.239 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 142.250.185.98 15169 (GOOGLE)
3 5 69.192.160.245 16625 (AKAMAI-AS)
2 3 37.252.173.215 29990 (ASN-APPNEX)
4 37.157.6.236 198622 (ADFORM)
1 109.232.197.110 50234 (EULERIAN-AS)
11 2606:4700::68... 13335 (CLOUDFLAR...)
3 143.204.98.15 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
101 29
14    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
pt.gastromium.com
gastromium.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2600:9000:2156:d800:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
gastromium.com
6    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
3    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
7    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
a1.adform.net
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
5    69.192.160.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-245.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    109.232.197.110 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: ml.eulerian.net
mm.melia.com
11    2606:4700::6810:c40 (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
3    143.204.98.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-15.fra50.r.cloudfront.net
productsup.melia.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
Apex Domain
Subdomains		 Transfer
24 gastromium.com
pt.gastromium.com
gastromium.com
2 MB
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
96 KB
12 adform.net
adx.adform.net — Cisco Umbrella Rank: 3977
a1.adform.net — Cisco Umbrella Rank: 13810
s1.adform.net — Cisco Umbrella Rank: 9664
track.adform.net — Cisco Umbrella Rank: 4449
78 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
193 KB
11 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 12334
183 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
4 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 383
mug.criteo.com — Cisco Umbrella Rank: 2668
1 KB
4 melia.com
mm.melia.com — Cisco Umbrella Rank: 30513
productsup.melia.com — Cisco Umbrella Rank: 80432
774 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 77
www.google.com — Cisco Umbrella Rank: 4
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
3 KB
3 gstatic.com
fonts.gstatic.com
61 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7579
914 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1879
24 KB
2 optad360.io
get.optad360.io — Cisco Umbrella Rank: 26184
239 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436
5 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
37 KB
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5993
179 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1173
349 B
101 18
Domain Requested by
22 gastromium.com pt.gastromium.com
11 c.bannerflow.net c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
c.bannerflow.net
9 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 a1.adform.net c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
s1.adform.net
4 s1.adform.net a1.adform.net
s1.adform.net
pt.gastromium.com
c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 productsup.melia.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 fonts.gstatic.com gastromium.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 googleads.g.doubleclick.net c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
pt.gastromium.com
2 www.google.com tpc.googlesyndication.com
c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
2 c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 script.4dex.io get.optad360.io
script.4dex.io
2 adx.adform.net get.optad360.io
2 get.optad360.io pt.gastromium.com
get.optad360.io
2 cdn.jsdelivr.net pt.gastromium.com
get.optad360.io
2 pt.gastromium.com 1 redirects
1 track.adform.net 1 redirects
1 mm.melia.com c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
1 www.googletagservices.com c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
1 prebid-eu.creativecdn.com get.optad360.io
1 prebid.a-mo.net get.optad360.io
101 29
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-11-08 -
2022-11-07		 a year crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.a-mo.net
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
mm.melia.com
R3		 2022-04-18 -
2022-07-17		 3 months crt.sh
*.melia.com
Go Daddy Secure Certificate Authority - G2		 2021-11-04 -
2022-12-06		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://pt.gastromium.com/
Frame ID: 34E54DAF1E395750E1DA70D677F84FFD
Requests: 49 HTTP requests in this frame

Frame: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 038651540EBD801B490F8035D2C9585D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 408EFB0E7E5AB0F9B5F4EF6A583B80AF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B65562F05BB6E4DCA66CE0D42D1DAB5E
Requests: 2 HTTP requests in this frame

Frame: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5BF0BCE795583991D4BFF43710B1A1A8
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJD8NRDO0zYYgcPQxwEwAQ&v=APEucNUCyHjrhB8QZONs06Q-nVUqNDQDrXtZtBH1BmaQBxs3R8uTRajMpEeTYKZk7o9PRa5QX1G0icUfDeEL2BRzGC1miGBNiga8YcNZpNcjqo3jC5lC3iviPO9njjhwbgciPU2PqfdvXVauU2sfGYLCn8j2kG4EYesHSF88KqU0qJrhqaznGul9iQVwmnnxr8uS5JbVqdkTS4ETEOH6zKSTg4hAVzbCmw
Frame ID: AFC3916A8F1940B5EEEEDC915ECA52FD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 981AF8CBF4719483C1CB06AE41A70E6F
Requests: 3 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/63577/11022066/11022066.js?ADFassetID=11022066&bv=257
Frame ID: F63D634FD16193BB539D482B65D0C6EA
Requests: 12 HTTP requests in this frame

Frame: blob://https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/38868b3b-f280-463d-9842-927b20c596cf
Frame ID: ADA58F3BB14BDE4865E84BFDEA3EAF9C
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmelia-hotels-international%2F59c9120b31ae8f128419d688%2Fimages%2Fa326ed08-c4ea-44d9-8af8-9453fe674daa.jpg&w=765&h=90&q=85&f=webp&rt=cover&x1=0&y1=591&x2=1600&y2=779
Frame ID: 1DE49F2565C0C77C16BE52C16B3C3390
Requests: 2 HTTP requests in this frame

Frame: https://productsup.melia.com/production/pre-summer22_h_low.mp4
Frame ID: 6C8AEAB2CBBC23DF58EB0AD74283CC5C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Deliciosos Pratos Vegitarianskie -

Page URL History Show full URLs

  1. http://pt.gastromium.com/ HTTP 301
    https://pt.gastromium.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

101
Requests

93 %
HTTPS

57 %
IPv6

18
Domains

29
Subdomains

29
IPs

5
Countries

3348 kB
Transfer

5269 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pt.gastromium.com/ HTTP 301
    https://pt.gastromium.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqWKDNVwmdffjniT3iu4Ns&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqWKDNVwmdffjniT3iu4Ns&google_cver=1&C=1
Request Chain 64
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmB4dikqvw8Pv.xIS2h2AQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqWKDNVwmdffjniT3iu4Ns&google_cver=1&google_hm=2
Request Chain 65
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDH3TJ7_v0s3mr6qG0c-UO8&google_cver=1
Request Chain 66
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1MDU0OTY2MjMxMTIzMzc0Ng%3D%3D
Request Chain 79
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 99
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpt.gastromium.com%2F&domain=pt.gastromium.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=uaa9OnxtOFBBWFdXN1NIWit1TVFyRllQUE1nWFBIcVdEMXphaWY1cWk1WlhpOG9taURUS0RsOXQyeXZTOWlYM3Y4ZXByblN6aXpKbzB1MXhJU2tuOGc3cnhGZzJjNnBQc1ZuWVlDMHBJaC9WSVFTZCs5bm40ai9Pa1hnd2tyWDRWWC9qTU01SllzRmYrQ05WQ2lFLzBQbG5nM2J2ZXA4OTNNb2FIYjJiVlNxcitEYW5HY3lwUndjVFk3U3UzS2JuZ3lNRVp3d08zN3J1emNDMCsrN3dkemMyd0hBT0xzZnRsSmNCbUo0WXNvalAyR2hVPXw&cppv=2

101 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pt.gastromium.com/
Redirect Chain
  • http://pt.gastromium.com/
  • https://pt.gastromium.com/
17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d9dec1a42c7e6469d9fb98ec6346b7cf6d6f89d53c202669da51ec11ff3a27b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6ff0e8771ec641eb-MRS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Apr 2022 21:17:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDBnc4zmtV9JB3xtL1R%2BVTjuVl3QboIhImQ%2FVko1dj9W7MJn6LKPE9O6MwMyQEA98f%2FZtjMAWXtm7QXmkF2C8HF0Klug3GEqsPnoxudchQWVs4DKezhOfRuhiU3p1bLNR8vaHpCJLnj0vKLn2dvkjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
6ff0e87678e541d7-MRS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 20 Apr 2022 21:17:40 GMT
Expires
Wed, 20 Apr 2022 22:17:40 GMT
Location
https://pt.gastromium.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhpq3ml3ZuH5RZNOB07YLB%2FsSUXMX0Na4usYYcnpEtUyDr%2F1S0pP8BXbOoWFQDMsEwbg%2F2PkIdpilDL0hf%2BCZz%2BHuMlGbBm8kUNk4leUBWC5%2Bl0sDIMUHwxBrofqI9jvfN2vdakukdm06o3pvbdyqw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.css
gastromium.com/template/css/ 		122 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gastromium.com/template/css/bootstrap.css
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
059dc794c94666ec6d89d2c8e583554a358414d13a17fd4fb53daec1fc6ee2ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
574862
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
W/"5f92840e-1e822"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9kVbfj7a4WmTJ0ALFSvBghxs7gZC%2FxeJe0RekInXZe8Gy5XRVTwFwyfGJDegxvGv3pfWby%2BIs%2FbEoIafhxUKLy47jNphzj0avGVmt4U%2F50KSl2ZoC5gIvUzJMTk8pnhiyNljsm4M3F4HdHhTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6ff0e879fb6741eb-MRS
expires
Sat, 14 May 2022 05:36:38 GMT
font-awesome.css
gastromium.com/template/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gastromium.com/template/css/font-awesome.css
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1310655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
W/"5f92840e-6857"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCfl%2BHILA5pTLSC2EOr2ADg491%2Fzs5mUmkrM3N2EtBAQdbOqns3V4tmjtblAIBOD3e49wrbki6zrAWA%2Fe%2Bkm2pLrbJpClxSwYdxWn9rwcFsgj9vpEZ2dqAKhyTEnu82ox7xcCH6VIm2Vtv75dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6ff0e879fb6641eb-MRS
expires
Thu, 05 May 2022 17:13:25 GMT
slick.css
gastromium.com/template/css/ 		2 KB
820 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gastromium.com/template/css/slick.css
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1310655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
W/"5f92840e-6c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT8qufk%2Bv58wv0pibSICLSOpyFkAQkEtJWPnvW2KvEs6Rb85IGpfJr8td%2BkUCOz00tDkKTKv0eCUmChKPlem%2BTmurarqQBJiWLhQIWtGtRNr3Hlf10IQJYKKPusrQkP4%2F4BIYaQHuidMHQG6iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6ff0e879fb6141eb-MRS
expires
Thu, 05 May 2022 17:13:25 GMT
style_002.css
gastromium.com/template/css/ 		130 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gastromium.com/template/css/style_002.css
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d28286d4abcf955dfb9064f5b8902c97c1242f3cb370510374be42e097d2a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1170890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
W/"5f92840e-20768"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6onD6ZgL2ZxoPL%2FSxygC9UNQcx6l7110KDt8s%2FNrGfyVNXj47fy%2Fs1H4PuDME%2FTloQbpQGtWZ9L98lW0y7hgM%2BBs2SJk9S%2FLEPyxNOPZ8FVoSjZZdRlWNTkpH8LZdENszIM5F59wqc54q%2FQk5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6ff0e879fb6341eb-MRS
expires
Sat, 07 May 2022 08:02:50 GMT
custom-style.css
gastromium.com/template/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gastromium.com/template/css/custom-style.css
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1b9e267066e20238138c2de1a01b305036f80ad06070722616489ac16efa41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1310655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
W/"5f92840e-11b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Y1n5JSTBpwAKBdq%2FJqnVTJ0xazzWfh0NLoJ4sydB7NPXNlk4o0juE2%2BnEh2eNBUYdbGB8M1mgKb%2B0AXAQihCa8UrhuYNMgMWKB%2BZ3GrXaIk9EzNWuClsoZz7d4EzWdFAmvkFxl07gTHl6iwDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6ff0e879fb6541eb-MRS
expires
Thu, 05 May 2022 17:13:25 GMT
css_002.css
gastromium.com/template/css/ 		4 KB
813 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gastromium.com/template/css/css_002.css
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b88b1cf51f32e4381f312dfb3fbcdd7623488ace0014037a3c9555dc98db1e47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1310655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
W/"5f92840e-f63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvyBNUyVX29SsCji62dO%2FVZcO4UApaDzxtKDtdfRDvVSIb1Rzy2rmz%2B%2BCP5V4%2FtyVvqDdI8xn4wBAYUtJmL1GxkJgYg0VnRypbRNKE2UmSVdXur5tuKWkN9Z6Sy7D%2Bunn7I8q7dt9fX%2FJNZN2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6ff0e879fb6941eb-MRS
expires
Thu, 05 May 2022 17:13:25 GMT
css.css
gastromium.com/template/css/ 		751 B
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gastromium.com/template/css/css.css
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f91785ebfb4dd5e74defb93a45dae709d71eb1a46e4b3f2822426509dcda2ea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1310655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
W/"5f92840e-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsmG30s7QWNR7qvj%2FZsvSP%2F8QcQyJD1Fd6uv0COIZfV3LcOWN4o4x8uxc9YkMronfwQQczdE%2FimA%2FByNnHR1naOi22SIHAyS8ShwspR8PktE%2BWG%2BBfaHwBnZMK5Dc84M8m7689pnA3fBLH55Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6ff0e879fb6a41eb-MRS
expires
Thu, 05 May 2022 17:13:25 GMT
css_003.css
gastromium.com/template/css/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gastromium.com/template/css/css_003.css
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35769e7238b799549a503d104e97efe2d7d14058283793150db5e698a39c20e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1310655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
W/"5f92840e-1ebf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZRLG7LQPnVGw505h05tIWQfkpMDrlcUWf4xODVlud6SrCX6bp4f37A9zvPeuh60dqgK8OncSGw80oOoc7mKRzKPlVyrqb0s3UzgQfyyEshvj3pZuz09hI33Pez4h8dAMGWzlIgnhlRb%2F0%2Brxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6ff0e879fb6b41eb-MRS
expires
Thu, 05 May 2022 17:13:25 GMT
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/lazyload.min.js
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2634948
x-jsd-version
12.4.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19121-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1926-ftj+zhhSvu4E/RMH3S02cxSkfWc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJA4tPK%2BkGvqKSdd66czK%2FRFMj%2F236HDLgljvM%2Bj8e%2FIRiDZjoipVhON%2Bfh6xw1HLZXD96j6CmT5XCXh%2FCLDEkc3BoQS7oTyST7Fx07lLRXPJd4wFZjEoD6bqE%2B6GtFyv00K%2FTGkd6y75c23U44%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6ff0e87b4a2f233d-ZRH
plugin.min.js
get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/ 		395 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbcad007c82a8c2ecb4352b5090d0856809573534f94618436f99d7c6b3aacdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 20:59:50 GMT
content-encoding
gzip
last-modified
Fri, 18 Mar 2022 12:03:01 GMT
server
AmazonS3
age
1071
etag
W/"6e3e5f7d764c51a3545efdc3a5a453ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0Vo9xY7_4PkJwgn54zdYNuazoI0BoPxwHpzs0qPMtkNOqbuMsOQyoQ==
jquery.js
gastromium.com/template/js/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gastromium.com/template/js/jquery.js
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1310655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
W/"5f92840e-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7Tvi7SDWxxmHeCo%2B%2BZoAhPAvALH%2BrO0Ldv78LmXf7EoP%2F96c0mSVGL%2Bbg304tWGjJQ6UB%2Bv5GfruCDAZ14WnyJDeBn9k%2FoN%2FCO1PoOeM0dyylAh9ldtH8oyoMbBrrUqdiKKneUNrwJ7Gt%2F1tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
6ff0e879fb6c41eb-MRS
expires
Thu, 05 May 2022 17:13:25 GMT
jquery-migrate.js
gastromium.com/template/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gastromium.com/template/js/jquery-migrate.js
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
574862
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
W/"5f92840e-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2Mu%2Fdk8lhxTCYDHzCpf0fndbIhpwrbZzTME3o%2FjSIbd%2FlgI67b9hADnUZm6vmF%2F3%2B9ivHlG0RPydcdbOMKkhVbZdWxBk86i8Gr2rsC7v9eE1JBxoOH8GQsDdwtevV8VGCzi8L3eo28bJyq1yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
6ff0e87a2b9d41eb-MRS
expires
Sat, 14 May 2022 05:36:38 GMT
scripts.js
gastromium.com/template/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gastromium.com/template/js/scripts.js
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1310655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
W/"5f92840e-3868"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtQBVO0EXAOWFtwB6d0%2BZ%2BssAaXRoATb8eD42vfFFceTAAzyuSIHvMcp2HwMzkZiu%2BskQZrYgluBInjf7NPmUWHl7HW11ftH0R5QOxwZzY%2BV3xVPAbrr%2BGUS0nCvLOop05S4alETK0mkYrLm3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
6ff0e879fb6e41eb-MRS
expires
Thu, 05 May 2022 17:13:25 GMT
cropped-banner-herbs-2.jpg
gastromium.com/template/img/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gastromium.com/template/img/cropped-banner-herbs-2.jpg
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb71a9f2730c7ec7e58f4f9c6e04da64b5a81ff7b9b7d86dfbc4c2e0b8f338b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1586787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
113002
last-modified
Fri, 23 Oct 2020 07:19:42 GMT
server
cloudflare
etag
"5f92840e-1b96a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcMLSLT73sCr3PrpZ0xUQgjBOUQy%2FFfmN997LN2NtJ3npwJJkd%2BIzJbObCYC%2FAA1g66oMlHJbxyOrLJMNOHKlvLFr2OIBwkQeu2Sp05bJNC3HddUEHgOwtx4mXQZqgtBh6zxA173EKmTQYqj0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff0e87b8ddf41eb-MRS
expires
Mon, 02 May 2022 12:31:14 GMT
qkBbXvYC6trAT7RVLtw.woff2
fonts.gstatic.com/s/karla/v13/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v13/qkBbXvYC6trAT7RVLtw.woff2
Requested by
Host: gastromium.com
URL: https://gastromium.com/template/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2336b09355a3df32cdf44b4144dd8b822ef9a9797dd7ecb64017a1638ac539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gastromium.com/
Origin
https://pt.gastromium.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 11:57:07 GMT
x-content-type-options
nosniff
age
120034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26336
x-xss-protection
0
last-modified
Wed, 04 Nov 2020 22:27:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 11:57:07 GMT
wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2
fonts.gstatic.com/s/barlowsemicondensed/v5/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlowsemicondensed/v5/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2
Requested by
Host: gastromium.com
URL: https://gastromium.com/template/css/css_002.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d19ebd96d32f8175f26342c76f20ca9b14d82181e9e44133365d98441d088abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gastromium.com/
Origin
https://pt.gastromium.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 22:13:13 GMT
x-content-type-options
nosniff
age
169468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20636
x-xss-protection
0
last-modified
Wed, 17 Jul 2019 00:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Apr 2023 22:13:13 GMT
HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
fonts.gstatic.com/s/sourcecodepro/v11/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcecodepro/v11/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
Requested by
Host: gastromium.com
URL: https://gastromium.com/template/css/css_003.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
659ff6b596a7ddb648cd65a5429893be655629c0d36a7703817a63a0870ec020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gastromium.com/
Origin
https://pt.gastromium.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 05:44:39 GMT
x-content-type-options
nosniff
age
55982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14172
x-xss-protection
0
last-modified
Thu, 22 Aug 2019 20:44:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 05:44:39 GMT
kitchari-the-nutritious-ayurvedic-detox-dish-vegan.png
gastromium.com/img/recipes/56/ 		677 KB
678 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gastromium.com/img/recipes/56/kitchari-the-nutritious-ayurvedic-detox-dish-vegan.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759f46dd1c579d006477d697cd0ea850430caf1bacc7c81c24d807f5395f6df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
693637
last-modified
Fri, 23 Oct 2020 07:18:46 GMT
server
cloudflare
etag
"5f9283d6-a9585"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZS6vAskH89BX1L%2BT3phWzmVFBlNtbOKHCv0PQlxnZxfNZOQ53dWaIW05M%2Fl9BwggtiNu1n8ilp%2BauaZ7fk%2BJxyOsyA73m0eAZvhBT4cCEWTDPVinlyNySbgx1TIhU7SA4C%2F2purvRI6GjFni6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff0e87c2a221e7d-AMS
expires
Fri, 20 May 2022 21:17:41 GMT
how-search-job-without-getting-busted-your-boss.jpg
gastromium.com/img/career-advice/55/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gastromium.com/img/career-advice/55/how-search-job-without-getting-busted-your-boss.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36adbd066c49c75e52cab1fe7449022eed10aa497120fbd90572fe0b15a8aee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5481
last-modified
Fri, 10 Sep 2021 09:04:44 GMT
server
cloudflare
etag
"613b1fac-1569"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ru26n2t%2F8mNotoJAJRfEcoGdXMpPSbB6s69eN9J1EzYfIVjVjR2ALwC0PUwvLAwJmEx0gJD9NhLS7Wx%2B9fN0y85KAudEvSd8bJ4KzbgOznrM7%2Bu%2BL1ysXhnpZRYE7A2u2Ki625afSuxUc2lSxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff0e87c2a241e7d-AMS
expires
Fri, 20 May 2022 21:17:41 GMT
fresh-korean-bean-sprout-salad-vegan.jpg
gastromium.com/img/recipes/38/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gastromium.com/img/recipes/38/fresh-korean-bean-sprout-salad-vegan.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03647115fc5ced59028d61f42cce7045a2b960c8f56a81ff4636c1b580897f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21460
last-modified
Fri, 23 Oct 2020 07:19:25 GMT
server
cloudflare
etag
"5f9283fd-53d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BEmiJA0txxkBheBohv9nS5Lov4D37aDFA%2F1PKFPW4bvAQnJosV0dXqg7h9lI0T8wTDugxFFKhZDs9RQoVp2huVrluLzCnnlycAu8gmuiHbiDtmuvY9S9TH01S5acBCFfSJ8Np%2BnLVJ4WDaW9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff0e87c2a261e7d-AMS
expires
Fri, 20 May 2022 21:17:41 GMT
the-right-way-have-friendships-work.jpg
gastromium.com/img/career-advice/34/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gastromium.com/img/career-advice/34/the-right-way-have-friendships-work.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1a55f91f4e7dc053bc57adf5f27245f263bf4e6a0b70ae5968b773e70a578a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42938
last-modified
Fri, 10 Sep 2021 09:05:18 GMT
server
cloudflare
etag
"613b1fce-a7ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9Zjh%2B%2FDNkOVg2EZW1iHLqt9PrBdb%2BZkTObIig9Rr2e9YvYQbfVV3uEx3RAVZOTCSU0sPbWxPEa7XaLyZMRX%2BrtfyXVGGO2rv8vzc0uszekl%2BmnOCAvB6DzMpvyWzmnaz7nMyxw%2B%2FfkL96sEfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff0e87c2a281e7d-AMS
expires
Fri, 20 May 2022 21:17:41 GMT
almond-pear-thumbprint-cookies-vegan.jpg
gastromium.com/img/recipes/33/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gastromium.com/img/recipes/33/almond-pear-thumbprint-cookies-vegan.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e35cea07072f1db2aebc7f7beb4c97d2f85d120b97e4af9f57718e54a3e47ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28141
last-modified
Fri, 23 Oct 2020 07:18:55 GMT
server
cloudflare
etag
"5f9283df-6ded"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2Bb11Ww3WQHbHBhN9TehsvU3IrrGnHUfXpgNPEnNotcEUBMPdk6Yru8sjy6r%2BTyiyPMpBuoK7cNZ2CyzzdsLeR4iskbd5MceKEyBO1XwtOymVOmxX%2B8HqP5HwwnGRLT2itoadO7JgDaZz2yMww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff0e87c2a2a1e7d-AMS
expires
Fri, 20 May 2022 21:17:41 GMT
creamy-pumpkin-pasta-with-fried-sage-vegan.jpg
gastromium.com/img/recipes/97/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gastromium.com/img/recipes/97/creamy-pumpkin-pasta-with-fried-sage-vegan.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec3e0f164a5c623a0b9215fe7df87f734a4b2aba52b7e4b0d02f828f28ad03a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27970
last-modified
Fri, 23 Oct 2020 07:19:13 GMT
server
cloudflare
etag
"5f9283f1-6d42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2KEswr2ru1PAgZ5aMn2I5VZkVshDoAeGYnwv8WL2YueOALHa9N9QXy4ByTPIlmDX76QdNO0m049mlovJVrhHnfTjr04SCngSYLP5jGoPTPoXpPaUpBs7sb727jBPv6TI1GPnm64N%2F2t1Vvl4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff0e87c2a2c1e7d-AMS
expires
Fri, 20 May 2022 21:17:41 GMT
loaded-bbq-jackfruit.png
gastromium.com/img/recipes/98/ 		573 KB
574 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gastromium.com/img/recipes/98/loaded-bbq-jackfruit.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de97e3122124d4979e328055efa798f9699a4f977088e95ba779836cae8c9ddb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
586869
last-modified
Fri, 23 Oct 2020 07:19:15 GMT
server
cloudflare
etag
"5f9283f3-8f475"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZH5z5Xs8ma4h5dwzsb9sR1H0QQGIo22HzBZIZwXy88y2YSCAliUfjxzfEkuSA6ZJglSsl%2BWWuupbysWZGA%2Bk8a6IFcH1Bwdylg6G4BsUodRyY3sYnDDjU1cAlPYBMfJvFNEhXGfFU2ecf2Vvpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff0e87c2a2f1e7d-AMS
expires
Fri, 20 May 2022 21:17:41 GMT
apfelkuchen-german-apple-cake-vegan.jpg
gastromium.com/img/recipes/98/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gastromium.com/img/recipes/98/apfelkuchen-german-apple-cake-vegan.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
015ff670c3b5f5ef9737dd846216bc9f038d4caece1fc07d63edea131496f2c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20402
last-modified
Fri, 23 Oct 2020 07:19:16 GMT
server
cloudflare
etag
"5f9283f4-4fb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQo2NF2s2RiAICCGETk%2B9q4ocaeBFiHCuTXy6DYDT35%2FtQvuCrGUkGzFmXN0ryiNpRew5ZNdu81HvWK1Axre%2FICqnkVSnvmckBUsbELsALHA0bJCcpchYjnA%2FripYxWI98mm13cylmcwtU1cww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff0e87c2a311e7d-AMS
expires
Fri, 20 May 2022 21:17:41 GMT
creamy-white-bean-hummus-with-kumquat.jpg
gastromium.com/img/recipes/03/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gastromium.com/img/recipes/03/creamy-white-bean-hummus-with-kumquat.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14aaebe8e038e156b3d4642ee65109b88beba193b4d4aca7e3f37bd7e4cb043

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21927
last-modified
Fri, 23 Oct 2020 07:19:40 GMT
server
cloudflare
etag
"5f92840c-55a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKP%2BJFHljJkOm1olW%2Fm9LJC19CwNx9W11C9KXZwgQlsADJ3Qv1IzqGHBana9s2t%2BaEi3KOC5KbAW9Wdc6tV7t7XUFHQ7rrpL8UNE8LFf8L9G41OMxkLgIhw80U6v9zdAOj1gEDjmVE7A451pyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff0e87c2a321e7d-AMS
expires
Fri, 20 May 2022 21:17:41 GMT
vegetable-flatbread-tarte.jpg
gastromium.com/img/recipes/16/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gastromium.com/img/recipes/16/vegetable-flatbread-tarte.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5339c211c56ddbbcc09a6cd185f9c130e580b10f76d78ea24c9cb0c12c8b6f3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20947
last-modified
Fri, 23 Oct 2020 07:19:10 GMT
server
cloudflare
etag
"5f9283ee-51d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWILQ8ncqrC8iW7JzQ6cVqq3VfnC6WMf3UcQmGys%2Br%2FQmE%2BCkdw5ioCvb9IIBgf255p%2Frb%2FBreDkpFS1ZrxDBg5eaxREwREbAIAn8dl6mAn%2BQTakDP1C2f%2BHDEhToherpr2H6AbLxu%2BG8IP37Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff0e87c2a331e7d-AMS
expires
Fri, 20 May 2022 21:17:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
6ca8ffa3793893211b88ffda414c65d61a0d9a66a6cf571427b55912f6245ec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28542
x-xss-protection
0
server
sffe
etag
"1192 / 676 of 1000 / last-modified: 1650452814"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Apr 2022 21:17:41 GMT
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:54:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
14271810
etag
W/"6dd0a13bde35d2daa452bba998871016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
COyKbwQffEyPz4jdZ-M2kMCG29CoFSQePR2RPgIrv36G3FfSEU-XsQ==
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pt.gastromium.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://pt.gastromium.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Wed, 20 Apr 2022 21:17:41 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220420
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bed460c8d9b5ca84c390278610d80bdc15c12abaa1481b85b1a375e1215aeda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pt.gastromium.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22602
x-jsd-version
1.0.1317
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19144-FRA, cache-cdg20741-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66f-OtFGlWPBgwv4HsnJYzbdTiRqi7A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6C5PohDWDpGHGc7UelMAxm6JZJIV4AO4qO0EoGy%2FtaoL%2Ffb3ySNEkw0YpPgA5DmdpyzHfDMBptWwsa06WoJTx73S3zTnocl8lfsXn7lb%2FHVD1v5ooHTsMd1Jl%2F0DJy7AwDUOXFAVrfHZ8AXP%2F2w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6ff0e87cde252355-ZRH
access-control-expose-headers
*
localstore.js
script.4dex.io/ 		483 B
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
801506
x-amz-request-id
tx0c810f9b689a43feb0d6c-0062543d8e
x-amz-id-2
tx0c810f9b689a43feb0d6c-0062543d8e
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHH0oKHDOiMorZpDtzXEOu%2FYmZ%2F2ynO%2BqnQNNwWa4IWo0ndJq5J1AUt0TP%2FKl0XxHbR3cceSDfcL0C3QsyDq7LJ9KPJCm7xrefVbyZJAxI5SdWgOl7yqd5IJF1qq%2FAA%2BSa%2FMMr446KG6Konp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1649687875786561
cf-ray
6ff0e87cff765a1f-MXP
c
prebid.a-mo.net/a/ 		0
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.gastromium.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.gastromium.com
date
Wed, 20 Apr 2022 21:17:41 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
161
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.gastromium.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.gastromium.com
date
Wed, 20 Apr 2022 21:17:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ 		0
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pt.gastromium.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:41 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://pt.gastromium.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
pubads_impl_2022041401.js
securepubads.g.doubleclick.net/gpt/ 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 20:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125916
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:34:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 20 Apr 2023 20:12:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		76 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pt.gastromium.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
d3ec27e45967640c4d591479b849c14c1db30b9904432997928d80d3a8d1bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75
x-xss-protection
0
expires
Wed, 20 Apr 2022 21:17:41 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
txd10f9e44593647059514b-00625440f5
cf-ray
6ff0e87dae3959a7-MXP
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-id-2
txd10f9e44593647059514b-00625440f5
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvHEybDOiBAPawxj7ClQhpz6Xgfue6BT%2Bv2r76iXIHjl5Ojh06xWpOSZoiheQVhnGHswcsbLmn28AzYh5Nf8YtnHVc%2B8%2FZtwMYHt0BhLzDxk4QaKc3J6EC0dWB9mhPjzqJN1jPIrU0xxPW0Z"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1649687874851815
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
Authorization
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pt.gastromium.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pt.gastromium.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1006 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=799391400885756&correlator=3640945601998782&eid=31065401&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3132106321&sfv=1-0-38&ecs=20220420&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650489460967&lmt=1650489460&dlt=1650489460019&idt=920&biw=1600&bih=1200&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpt.gastromium.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=942044067.1650489461&ga_sid=1650489461&ga_hid=122548406&ga_fc=false&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
6bdf0a19a4a57681cfdd0bf78d6217d9d76d0916bc826c6f034a606f1cd26809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
544
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pt.gastromium.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21e74d132a0b3ffb28342753d1f84d0db7a1ab314e6411440ce4242f4a64334a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10587
x-xss-protection
0
container.html
c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0386 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.gastromium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 21:17:41 GMT
expires
Thu, 20 Apr 2023 21:17:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022041401.js
securepubads.g.doubleclick.net/gpt/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022041401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
c321245e6d62047e34eb64d468495376a05026060a19408588ba2dd9e552f1aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 10:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13283
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:34:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Apr 2023 10:36:12 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pt.gastromium.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pt.gastromium.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=799391400885756&correlator=3640945601998782&eid=31065401&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_SF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=2&adks=1160688025&sfv=1-0-38&ecs=20220420&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650489461021&lmt=1650489461&dlt=1650489460019&idt=920&biw=1600&bih=1200&adxs=436&adys=1200&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpt.gastromium.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=942044067.1650489461&ga_sid=1650489461&ga_hid=122548406&ga_fc=false&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
5890fb18760cb4a94eaa0f87e756a2a9587c95e3b2c4c7f720e489b4540a55d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9418
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pt.gastromium.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 21:17:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 408E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.gastromium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 19:40:27 GMT
expires
Thu, 20 Apr 2023 19:40:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B655 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1b7eef02becfe85cc5ba4ef51803d14502ad7b7707d1531bf7cefc7b7f6c5349
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NtML7PXgiSTMJn/z8GXM6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pt.gastromium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-NtML7PXgiSTMJn/z8GXM6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 21:17:41 GMT
expires
Wed, 20 Apr 2022 21:17:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 408E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 13:09:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
29318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Apr 2023 13:09:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B655 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041401&jk=799391400885756&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 408E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?eqXtsQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5BF0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.gastromium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 21:17:41 GMT
expires
Thu, 20 Apr 2023 21:17:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame AFC3 		624 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJD8NRDO0zYYgcPQxwEwAQ&v=APEucNUCyHjrhB8QZONs06Q-nVUqNDQDrXtZtBH1BmaQBxs3R8uTRajMpEeTYKZk7o9PRa5QX1G0icUfDeEL2BRzGC1miGBNiga8YcNZpNcjqo3jC5lC3iviPO9njjhwbgciPU2PqfdvXVauU2sfGYLCn8j2kG4EYesHSF88KqU0qJrhqaznGul9iQVwmnnxr8uS5JbVqdkTS4ETEOH6zKSTg4hAVzbCmw
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 21:17:42 GMT
expires
Wed, 20 Apr 2022 21:17:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5BF0 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZVorNc4PdlsAqI80VXswz6CNBTOb13yfEBGoh1cxJH-7y-V93zbUeN3NMlu9bQfCBIrkYbemmsGGoRE-nKvOIDiftwo5cGb1ROw52Mcx-2jpFWZjgh6s6oClSaIrG4TFk1sjo_0IMcyTEXMU5uVK8_0zg0g&cry=1&dbm_d=AKAmf-C1G_Y2GhwbBJuAdBw8vDGUp7R1qzUxhOTMgxewFoay6ei2IdAE1jYzFA7ZtFki0NjZK5s62EmZNUEsHIkHjtjhhyFrL-7xU_W9x3TXf9mOOaxUV7KBeuP-hV5yafcIw-AZhsHS4PQQl2w4olilFUORQhyy2Mq6MuqKy1e7c4NrdWCgD0JucA6msy85b9Gm2sZ_c2_nwRCVhpkR-WvHEfANVektD8vlJ99vwiaccHh6yCWk8iTWmaBd5woVoI-JJbgGE6OfCam2HU56yPUeZzDc6lH2ORtgrKxyn9X7Zm64hbbB_BKc6CEpOSRc3qcO4FnKWxeTkn7b0hx20QmiMQwLZnN_n3TRnXan9uKwHQk4_LOSaUAInEfx-lkKsnmtInfyx7Bc8XKCZTBnJ62gyQbGuHejh2-E4KRIOMDkVz339pHt9TmCV27hVqg0Qa7jD2Bkgx9j0dgAN9adWnvXfiM_dVRTpk9Vfg7G_UrQZRiUOe0dxJ2tR04rbVeJdqKvUj-x-2uj8fh53OK5hL_9Jg4h5U8L39RSeW7sUReIIq34VRCgL5Ek78fJ427bUpxXoYRNIYQFrqKFFH3j5oOCsHrd-u2C8q6v3l9txoysNr9nCV8DRmuq8ipbEksJs4F8W9HIHU88Shmo-A-C9H15ge36Sdkec2h3cBOuPxW7JjRIiTvrgYfIN-Jv2KhuhVqWxpgkCzl4lQ4re-o49XQ7mGSguub6HVqDFb9mg9lrpvhU1BB945QYr9Ial91-HCaiJKPuYtnf-d0cqNG6acQ3VIiifdJjceYe8L-GCeBtM1n2Zlj5OwN-USc-fxQ_kvjfO00MGEC9aAX7yUtxtWkCIeKaYFR_h4ncEv-bxlkCc-IT58TlQUydik0ZL-AIkwYDNXMJLirqVHsLfTD_BgKtRF9aFNCrqrZpLYJwl1ZNufIYaWjt7iY_dEgf7n-o8lDbTkFbhtzu5fItHtsa1B8dcNJCk5nTN5gIDdcsJZEYh7XBV_qNLBk2-wEikqmRsCUKDu4x4Dyg9wZTZhg8gdjoiPG4hTnJmDPfBhtnb2etSsl0JeOwxLNreSOXRCbcMcc9eVYIj1ms5jvPZBK8ZL4TgQoBR2qEaSAwtRUPgsc4vBfCm4NtosMxS-5Ka0ct1g3eZBvspbo3gbUl4TnhXmdDPMMrRLlVwTBSl7CND6AT3QzWPlf9ipFykg85kbBN1TJ-sHJOnTZ7NdQWEc0Owo4TSnRxV0T0YIvj9-b6cTwhWGlwHFyX1O8qEX2skOvNLvg9BcSCHADSixlqArS8sLEM8x93RSA0Wqt7vznp40U90ymymhcJ2WMoeutfHtnLISSdbV-8ozbFZ1PU26XcJgJn41dBb8kdIAPdu178_19kEPBhTnIjnjAGPVMP_2Dx6_TSBdM_MrWCsqYgdEAT7W3LpyTnSb3DfY_N1ovfrClXl-TyZhyo2rvYIYQJliOZA4PtFHqbbJXcBMt9eMzGvlRMxmUumSkfv0dG3FaxujHpusmqJbMz7Lu-0yKlwGqDGkdkVES8Wn1JbFgxUq0taKI3Maj_s4CMwJfMqNyUmr-pz9u9BwaYGf8Owst2B5o8kKteZfOUAL0KrSIj0xTwJmRcwdP0lRR5OzHR3kbTvTHZ061Jh4JzffqZOdKkRZ0GdCOCYiAx0tiwGLB1-IEzLKkEDr8OWcZA19CRd9HE8RtqJu-LsnukzCfBaLPaubwoWJr100tC9pMmYhB9Ca6LigBSy1O6qCNDDA9lOMIgXyO6Ebiqko1HA_m7ljXclEOYMx4GZYs_lIfOIbjmTZ0LAPwezbmYLBzJkXWeAVftUbCWBSdmAovSv4SOtUU9vx94pTWhxn1BlLfte_7rJcDmZj1Ygq6kRKpfEhiSX63yxTiBdSanE2QUA-K36o3sFTu4YuDx2sIa7t89N5_1gWX51ufydkaawg7hGQhLK4HdLLo_gCc2yPUrzJx3AKgv_r1vIHPCpVlOJ4WgFoc1jAtXAyg2TLLlp5qBcMI2716KkiLr8nheMqIPKG4M7MQCTMiokrvzkbwnBC8QXjDcrZFIdsf9FE0_uBvnvyqoWqkJdeT1LflyDip1FMRYZDrSW8NsrOOrnIZ1gBoiKHGBn8FvsNExkmsADqwDYxhMly0_mRyUHWDpWdF43fc_yATRr4s55QlPB81awQNsyAd2DIKfUqtpM6z4Bz4F8IQ4s9QBgggcwyETnFVqlah1l_hN32fFFvLo_47Irf1e-17M7S7Jeo5-LxqAVgQlKi9Fzk0Mk7qPHwQT8GjcKkbqzMhunnMXaqK_QWN5CvI5xNCRQdzhOYt8rJGL3vMw-dbb2WU2U1rJ0XsUwh-XNBDIfv-LN8zapSn2ofPzJbl-ipuU1nDPmM-W3JkwEDz_CDyJTmeP-ZDwZfMzzh524E9erma5bwngA-riVXF77ZGsMEe-8mn-VVUb5RePbXk69Xw3HIf39YrLN_UDZ3SbreaIz5mPp5bvVKW1iYOXTsvCvBnrAu3oztnIdSep26MtzKytRXrob7OEGSms1-nDat1WlG0n3VGLNSdg96GlLTatAvkQMykLZ3n-1cR8Jk9mBeYOkq9lqSa3irxYVC1w7OSxfoLXPXzZNcpxrlpKNaZLj4JIoDfYBirZZWMvCURSG-AlqQm8Ua2O3PeLsLHZvOj0klP1d1Q65V1NGsua4ltc8lNRoUHbcX7pkurogrprhjS3XuOiyHUJZW4fvSr0rYWJxBCmk3NFxJwQiE129GXFi1EFB20X8h5aBd_S45PBsqOvoTIIyMQhlKJtqJk5_I-PD58LkF9J2gqGr6dTtOiVRy2xbsIFWytxHg_wBBOfwUT3aI9DyA5MI2aPc1M0zBbeEzD2dRLUq3yKYmAUr79DtwJFuSe7I1SI7HRHWVhYuCVkJN-cLaqsZo-Z_KZ7NhY943UMf6e68AZEmXMymG4e5m1m_ASZ8PeebKeFdRzJBTR3PVO0i7ByaxZgIcINBZl1DGlrYf1SjYTNYbgus30PKJT4gL5coZWo9CkxkPzzVLdMsrSwWLem834qXIKr_ZAMqejIcTdlpACqQR5f0kYln6E3haYGYnm9agfTdilhXMMJHye4ERn-JhT75Iy_FyG2ugm787u_OflgpU85KMYnlFofnHeQHOFu3U8pC2bbsqaGQ6-XsLB8JlmjX-EKLfX0oYvqH5Qf8-0SJDbuBwgFk7c2C8VH-yUFuGjSCmvfqKJ4Z9oj_QFE5Wk69d-jEy7TCEaqq9djoXsPy1w65fUsH0TH54AMBJqTIS8Zy4gE9AAZsQeu4xencNoRw8Nexb19RHXBJ-h1xXWDImNAOXFhZx4xsAzdJEgvWRzGelTsEHIOyuO0p9bCMJ2_hUYgTeTd7dTXAnYvA3BqvcCwehDg13t1Avj_NIbcWiWPNmb4xTjssHU-Vnc6vuC6Ji83Jr8PkQFwlXh8Ju26i325hXv2SXjVakpzOMSlYLye0rg6F9gykYzfGluQELTtDXY7XwNVVohQkVno7N_Qj5jLJgZmudxvCgt22VhqeEUybsO3DGRA3XqhIjSErfjQuFeagn59oXu-v8NhauMaSC30fIODHypeAQUmZ1s1fAPiiKADNlg9FaddUfepjoV5FOF6vOir5AYu2DXpE9JKqfVjX5BbaUGO0H71-5_MaAkkcw3nilIamH-itU5uyc1Y3ck2KSVTbZpP-MMIMOCH3SM2HFN_pt3gZsQ_d3kQxvRVE_PPk7abe7D87sjTBFl86vI2NUxyRM5W7bCzz4ke6mbyyLQXX3RBzud9c7UuJRIi1xRiAuQ9Sok9FrlI1HaCO3SQsU3eltc2nTy5iDoggOLbMVzKH7Ts_EWpboAyCroBDHQJMx_eB0pTPSvahkHODArf9tf7Fs6bU1uGc3C43wz34wkBbb11n9nFr2vMGHOLO8fcEpu6GWJsFIgotIXuVE-qt28VRjjGr0dyA0rAFqn8dPZfKsOM93Mta46d8XgOJq-NV8AADGWTGBSmhI8GGwz8tcCbkyG1vNAPcZjG7vjCYX3CYv288j1t7OrxLzHOGpazwTDg-u-jXviUQ5sqL1-t36hGWNNjtkVfH_0Aao-mO-3bX3Wm3dvcRVYzu7vzUz7Z3QQhTLmvoXpkdAHxAwSrzyKfljuboBCCdxjhJIAEo5PaqMcmt-3j6sl3HOs_19R0tA&cid=CAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM&rfl=1%2Chttps%253A%252F%252Fpt.gastromium.com%252F%240
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c6c12bef3e89c450899650e9bac6cd514fdec503d25b4d8b78dbe87c6f74bba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16211
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BF0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZXJGdhBoJTvdlO0Rzap14Y6Fz9LFteW-toqBaVFRVTbKtP1Q2Rr3GFZXbFZ3hTBuuWUi7VxAeAQOWuFippQG3YnSHpQQXOaqoCyoiTTUwkriXU8Q
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a1.adform.net/adfscript/ Frame 5BF0 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/adfscript/?bn=54370173;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C2AjRdXhgYpvmONWArATVtLFQjNSlwmnh4Kaw8A-Tz8zD8BYQASCqgMMiYJWCi4KYB6ABk6aPvgPIAQmpAnNrg7_rOrI-qAMBqgTzAU_QBkxT3_OqlHbm8ENIcGEYsXDMWFqSrNHj5g1HJKzY__4WqPr6Eri70S7IaNct5vT-x6R9dxRJ3whDaUhXvqsr4vjgAPiT76U-LQYiHbBlcQARMya6oVIUemOVRQyBwmy38uZqWOkaoXdgjuApE4gIg9cL3mPMqtz4SX4xk6B2sQuWCrEEO_1nnug6UkF5mE-CMv_SqADyKDGT6_Dt0M4wGFlJh9wkh3KpqR-mWuCG02F5baYs0Ehv8oNJXIgHQ_ZAjTZschEOSqyE_J-ebOpIXb6deILncF3he3ulZfL88CRU5-L_5k0zjHCAm1afUUje18AE_d30tO0D4AQDkAYBoAZNgAfV2fBBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDmAsByAsBgAwBsBPyxPEO2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM&sig=AOD64_3Dt4pqVVDGYTPcVatMb1bMopuWSA&client=ca-pub-5512390705137507&dbm_c=AKAmf-AtdCP1VkwCBIotEGyNkiyXnDjaWDY_JTubhEOZKtlyVVmHu-KosQzErj9qAhXXET_cdFAQpjcQQJ6iHebbo-SENhlsi4GCLUksVFCYCy-HajIFSy_Y_D_FaYaarAUOHI05bYnL6HKqgYbQQ3z_KT-zwWO1AQ&cry=1&dbm_d=AKAmf-CIYdl7kABONjsYfnJpWgvG66YRaJcEZyieQzOBvzPkph5pYR64a52zql11f1DFaPTISZUZcuKd4OJ3L4v-gbAAsqH_0cYp7zn6XvwyHMTZW4iMGH-JS7_f08uqkZRDJ8jycFztapozD6T2XvJHRrUGcdRHCUnfZ3FLyB9lmjPXagVxOdUVdksH96P54t5mUff1ac_GQyvZbREnScG-BWH775CDxfkB_MHwiKIKq1sa9yTS6H8hv2LtccHqA2cvRu1Ri1Hw2nWMG96ziK8FqNvanvu2CMHQMfCMVQgBLUVGvI0ds3hPz8jEOMrWZ-z90qd5ZnXe4I1b4xfscam9CYd4bOoCTKGUOKhRAmCaOvUNYhJh3NT_EHxo0eqiwYohwPFPpvD_iPv5xGj1LocBqE1TJWkARHJX0vhnje65XSSGcovl6LeTNWuncxOEn-qxMtOz3yFiKRm5POA4oq7W5eorWxlcwg&adurl=
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bb452c04a0dfc0a4e0b62b619eeb95116c80514a0a131d0e9bf45e4504d6859c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:42 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2176
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5BF0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 20:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1480
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 20:53:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5BF0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 20:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 20:58:17 GMT
l
www.google.com/ads/measurement/ Frame 5BF0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuaMVUeAqwCriYvoiDbqt1HLUu7570OBLxgUj-af5lCJWF7vhjdVVy7ttLkwELv3d0uKPW
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5BF0 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 21:17:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041401&jk=799391400885756&bg=!GBulG1_NAAZvJBiFTyQ7ACkAdvg8WsoEOCYcbmh0dZFJjwmJr9K0zwQ1mZXip7RBCxqQfW7ze7x_-AIAAABUUgAAAAJoAQcKAM3QySasE1cM5CX2L77BXYGO0JuqQulY8eL8ggy90rWaGVXzS08vKQUlos3SjfQqRZE8h6f3Tj1zoHJLRuWKuHXUSHVsHnf-oWSTfE0nPHeowrSKfLwatM1Gh4z0qMr4h2WFeJuSPzjitFk_L9LDY6gnf7XMCnw5SUdngdEaia7ZTGPQrq8Z0kC-WPo-Kc3TZbvz4wxMoCTp-SsK5SXAaOqOU-vRra0Ys2XyB_GB5G-vJ57i3dQL4s0Lsd0uQ78YluVxhFcKvBKSVREpVBGNmQKqjKRKN9u4ppBfRD-aCtv3OnbxcJuXlHKGzKa5izCI95zSvvs3kFEFkrqpFBiyUxJbuOsdN8MoEss8XlQr9zzmYZ-7Z9sSH-VLdHVJdEGqsNohRifZbnU8aSvrUFivM97SbI8jLHOU3I2O0S22Yc5CXIRLEqEWApxdDsn9_o-FsefAi3zhfzT_AVeYtbC-VilFcB80Qxp_gckgSjRQVBACWLHIROHkQwArEgN4CjyRkc8eHgZXd22toJ0OkYPc8MKLqTdm5o9rYt1MTTMFlkTNgDBfYQMRdwl_0EWzg4PmbOJ-MSBcLaY44zGRgyKSYUyarRTAUzlsGYkUzdAOmnkhfb3sENUHCqHinTNQLx3jQ2JrlNXQ850JmBXIy3ONY9PZROHLd2IyqZT6z3AbDfLUpTafipTxpgr6_GGp6vv3u2nkiEVHF7n5_deEZgxmn6czLSt71ymxHl9yKzvHiZbc_xCAc-Ynwa9y8gY9gP3_yg20YPyLsAdvESUVzCjYNTw0BAF3yKCd6I-rU-deRJcc8FLXA3F_WdZpr3lZ_9SCgaoSyaROMLK-oVXLI-h_j3pau2uApKmFC9AgzEL3hFcFB4yIvUQr4TYG26xkexKCiDVIq6kfxfJu7N1tQ2W5VIw3vrMngavk6Emv-w7MMd4TXArua8FntY2rtdk3MHfHJJxFhy06hlcTwQhqqlQ2aa_y0pUkmJJ0LWlGb7tHmfyz7S5SaiiWBVgsyB72loEgwxhaunZAtyEjzbfW9zFZ_9kCkmszHX_cG-I1sh6VxOxxDFSzC36mBjYLO0hiCmLwEkCuDVxEcxX_Vm5olh8IKvQTDfXzCuuzMUyEctPTSo3tR2-pbdu4dOa-sUSpVt_lRKJUdGIoOINtrZSpkBOgu9JmDEKkVeOVkczVjQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame AFC3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqWKDNVwmdffjniT3iu4Ns&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqWKDNVwmdffjniT3iu4Ns&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqWKDNVwmdffjniT3iu4Ns&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJD8NRDO0zYYgcPQxwEwAQ&v=APEucNUCyHjrhB8QZONs06Q-nVUqNDQDrXtZtBH1BmaQBxs3R8uTRajMpEeTYKZk7o9PRa5QX1G0icUfDeEL2BRzGC1miGBNiga8YcNZpNcjqo3jC5lC3iviPO9njjhwbgciPU2PqfdvXVauU2sfGYLCn8j2kG4EYesHSF88KqU0qJrhqaznGul9iQVwmnnxr8uS5JbVqdkTS4ETEOH6zKSTg4hAVzbCmw
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 21:17:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 Apr 2022 21:17:42 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 21:17:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqWKDNVwmdffjniT3iu4Ns&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Wed, 20 Apr 2022 21:17:42 GMT
rum
dsum-sec.casalemedia.com/ Frame AFC3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmB4dikqvw8Pv.xIS2h2AQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqWKDNVwmdffjniT3iu4Ns&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqWKDNVwmdffjniT3iu4Ns&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJD8NRDO0zYYgcPQxwEwAQ&v=APEucNUCyHjrhB8QZONs06Q-nVUqNDQDrXtZtBH1BmaQBxs3R8uTRajMpEeTYKZk7o9PRa5QX1G0icUfDeEL2BRzGC1miGBNiga8YcNZpNcjqo3jC5lC3iviPO9njjhwbgciPU2PqfdvXVauU2sfGYLCn8j2kG4EYesHSF88KqU0qJrhqaznGul9iQVwmnnxr8uS5JbVqdkTS4ETEOH6zKSTg4hAVzbCmw
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 21:17:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 Apr 2022 21:17:42 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqWKDNVwmdffjniT3iu4Ns&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AFC3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDH3TJ7_v0s3mr6qG0c-UO8&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDH3TJ7_v0s3mr6qG0c-UO8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJD8NRDO0zYYgcPQxwEwAQ&v=APEucNUCyHjrhB8QZONs06Q-nVUqNDQDrXtZtBH1BmaQBxs3R8uTRajMpEeTYKZk7o9PRa5QX1G0icUfDeEL2BRzGC1miGBNiga8YcNZpNcjqo3jC5lC3iviPO9njjhwbgciPU2PqfdvXVauU2sfGYLCn8j2kG4EYesHSF88KqU0qJrhqaznGul9iQVwmnnxr8uS5JbVqdkTS4ETEOH6zKSTg4hAVzbCmw
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 21:17:42 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
68266d36-9140-4578-8090-12708b7d4b2e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDH3TJ7_v0s3mr6qG0c-UO8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AFC3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1MDU0OTY2MjMxMTIzMzc0Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1MDU0OTY2MjMxMTIzMzc0Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJD8NRDO0zYYgcPQxwEwAQ&v=APEucNUCyHjrhB8QZONs06Q-nVUqNDQDrXtZtBH1BmaQBxs3R8uTRajMpEeTYKZk7o9PRa5QX1G0icUfDeEL2BRzGC1miGBNiga8YcNZpNcjqo3jC5lC3iviPO9njjhwbgciPU2PqfdvXVauU2sfGYLCn8j2kG4EYesHSF88KqU0qJrhqaznGul9iQVwmnnxr8uS5JbVqdkTS4ETEOH6zKSTg4hAVzbCmw
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Apr 2022 21:17:42 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2390d046-4ab2-4900-bdbb-43d0973249cd
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1MDU0OTY2MjMxMTIzMzc0Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 5BF0 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZVorNc4PdlsAqI80VXswz6CNBTOb13yfEBGoh1cxJH-7y-V93zbUeN3NMlu9bQfCBIrkYbemmsGGoRE-nKvOIDiftwo5cGb1ROw52Mcx-2jpFWZjgh6s6oClSaIrG4TFk1sjo_0IMcyTEXMU5uVK8_0zg0g&cry=1&dbm_d=AKAmf-C1G_Y2GhwbBJuAdBw8vDGUp7R1qzUxhOTMgxewFoay6ei2IdAE1jYzFA7ZtFki0NjZK5s62EmZNUEsHIkHjtjhhyFrL-7xU_W9x3TXf9mOOaxUV7KBeuP-hV5yafcIw-AZhsHS4PQQl2w4olilFUORQhyy2Mq6MuqKy1e7c4NrdWCgD0JucA6msy85b9Gm2sZ_c2_nwRCVhpkR-WvHEfANVektD8vlJ99vwiaccHh6yCWk8iTWmaBd5woVoI-JJbgGE6OfCam2HU56yPUeZzDc6lH2ORtgrKxyn9X7Zm64hbbB_BKc6CEpOSRc3qcO4FnKWxeTkn7b0hx20QmiMQwLZnN_n3TRnXan9uKwHQk4_LOSaUAInEfx-lkKsnmtInfyx7Bc8XKCZTBnJ62gyQbGuHejh2-E4KRIOMDkVz339pHt9TmCV27hVqg0Qa7jD2Bkgx9j0dgAN9adWnvXfiM_dVRTpk9Vfg7G_UrQZRiUOe0dxJ2tR04rbVeJdqKvUj-x-2uj8fh53OK5hL_9Jg4h5U8L39RSeW7sUReIIq34VRCgL5Ek78fJ427bUpxXoYRNIYQFrqKFFH3j5oOCsHrd-u2C8q6v3l9txoysNr9nCV8DRmuq8ipbEksJs4F8W9HIHU88Shmo-A-C9H15ge36Sdkec2h3cBOuPxW7JjRIiTvrgYfIN-Jv2KhuhVqWxpgkCzl4lQ4re-o49XQ7mGSguub6HVqDFb9mg9lrpvhU1BB945QYr9Ial91-HCaiJKPuYtnf-d0cqNG6acQ3VIiifdJjceYe8L-GCeBtM1n2Zlj5OwN-USc-fxQ_kvjfO00MGEC9aAX7yUtxtWkCIeKaYFR_h4ncEv-bxlkCc-IT58TlQUydik0ZL-AIkwYDNXMJLirqVHsLfTD_BgKtRF9aFNCrqrZpLYJwl1ZNufIYaWjt7iY_dEgf7n-o8lDbTkFbhtzu5fItHtsa1B8dcNJCk5nTN5gIDdcsJZEYh7XBV_qNLBk2-wEikqmRsCUKDu4x4Dyg9wZTZhg8gdjoiPG4hTnJmDPfBhtnb2etSsl0JeOwxLNreSOXRCbcMcc9eVYIj1ms5jvPZBK8ZL4TgQoBR2qEaSAwtRUPgsc4vBfCm4NtosMxS-5Ka0ct1g3eZBvspbo3gbUl4TnhXmdDPMMrRLlVwTBSl7CND6AT3QzWPlf9ipFykg85kbBN1TJ-sHJOnTZ7NdQWEc0Owo4TSnRxV0T0YIvj9-b6cTwhWGlwHFyX1O8qEX2skOvNLvg9BcSCHADSixlqArS8sLEM8x93RSA0Wqt7vznp40U90ymymhcJ2WMoeutfHtnLISSdbV-8ozbFZ1PU26XcJgJn41dBb8kdIAPdu178_19kEPBhTnIjnjAGPVMP_2Dx6_TSBdM_MrWCsqYgdEAT7W3LpyTnSb3DfY_N1ovfrClXl-TyZhyo2rvYIYQJliOZA4PtFHqbbJXcBMt9eMzGvlRMxmUumSkfv0dG3FaxujHpusmqJbMz7Lu-0yKlwGqDGkdkVES8Wn1JbFgxUq0taKI3Maj_s4CMwJfMqNyUmr-pz9u9BwaYGf8Owst2B5o8kKteZfOUAL0KrSIj0xTwJmRcwdP0lRR5OzHR3kbTvTHZ061Jh4JzffqZOdKkRZ0GdCOCYiAx0tiwGLB1-IEzLKkEDr8OWcZA19CRd9HE8RtqJu-LsnukzCfBaLPaubwoWJr100tC9pMmYhB9Ca6LigBSy1O6qCNDDA9lOMIgXyO6Ebiqko1HA_m7ljXclEOYMx4GZYs_lIfOIbjmTZ0LAPwezbmYLBzJkXWeAVftUbCWBSdmAovSv4SOtUU9vx94pTWhxn1BlLfte_7rJcDmZj1Ygq6kRKpfEhiSX63yxTiBdSanE2QUA-K36o3sFTu4YuDx2sIa7t89N5_1gWX51ufydkaawg7hGQhLK4HdLLo_gCc2yPUrzJx3AKgv_r1vIHPCpVlOJ4WgFoc1jAtXAyg2TLLlp5qBcMI2716KkiLr8nheMqIPKG4M7MQCTMiokrvzkbwnBC8QXjDcrZFIdsf9FE0_uBvnvyqoWqkJdeT1LflyDip1FMRYZDrSW8NsrOOrnIZ1gBoiKHGBn8FvsNExkmsADqwDYxhMly0_mRyUHWDpWdF43fc_yATRr4s55QlPB81awQNsyAd2DIKfUqtpM6z4Bz4F8IQ4s9QBgggcwyETnFVqlah1l_hN32fFFvLo_47Irf1e-17M7S7Jeo5-LxqAVgQlKi9Fzk0Mk7qPHwQT8GjcKkbqzMhunnMXaqK_QWN5CvI5xNCRQdzhOYt8rJGL3vMw-dbb2WU2U1rJ0XsUwh-XNBDIfv-LN8zapSn2ofPzJbl-ipuU1nDPmM-W3JkwEDz_CDyJTmeP-ZDwZfMzzh524E9erma5bwngA-riVXF77ZGsMEe-8mn-VVUb5RePbXk69Xw3HIf39YrLN_UDZ3SbreaIz5mPp5bvVKW1iYOXTsvCvBnrAu3oztnIdSep26MtzKytRXrob7OEGSms1-nDat1WlG0n3VGLNSdg96GlLTatAvkQMykLZ3n-1cR8Jk9mBeYOkq9lqSa3irxYVC1w7OSxfoLXPXzZNcpxrlpKNaZLj4JIoDfYBirZZWMvCURSG-AlqQm8Ua2O3PeLsLHZvOj0klP1d1Q65V1NGsua4ltc8lNRoUHbcX7pkurogrprhjS3XuOiyHUJZW4fvSr0rYWJxBCmk3NFxJwQiE129GXFi1EFB20X8h5aBd_S45PBsqOvoTIIyMQhlKJtqJk5_I-PD58LkF9J2gqGr6dTtOiVRy2xbsIFWytxHg_wBBOfwUT3aI9DyA5MI2aPc1M0zBbeEzD2dRLUq3yKYmAUr79DtwJFuSe7I1SI7HRHWVhYuCVkJN-cLaqsZo-Z_KZ7NhY943UMf6e68AZEmXMymG4e5m1m_ASZ8PeebKeFdRzJBTR3PVO0i7ByaxZgIcINBZl1DGlrYf1SjYTNYbgus30PKJT4gL5coZWo9CkxkPzzVLdMsrSwWLem834qXIKr_ZAMqejIcTdlpACqQR5f0kYln6E3haYGYnm9agfTdilhXMMJHye4ERn-JhT75Iy_FyG2ugm787u_OflgpU85KMYnlFofnHeQHOFu3U8pC2bbsqaGQ6-XsLB8JlmjX-EKLfX0oYvqH5Qf8-0SJDbuBwgFk7c2C8VH-yUFuGjSCmvfqKJ4Z9oj_QFE5Wk69d-jEy7TCEaqq9djoXsPy1w65fUsH0TH54AMBJqTIS8Zy4gE9AAZsQeu4xencNoRw8Nexb19RHXBJ-h1xXWDImNAOXFhZx4xsAzdJEgvWRzGelTsEHIOyuO0p9bCMJ2_hUYgTeTd7dTXAnYvA3BqvcCwehDg13t1Avj_NIbcWiWPNmb4xTjssHU-Vnc6vuC6Ji83Jr8PkQFwlXh8Ju26i325hXv2SXjVakpzOMSlYLye0rg6F9gykYzfGluQELTtDXY7XwNVVohQkVno7N_Qj5jLJgZmudxvCgt22VhqeEUybsO3DGRA3XqhIjSErfjQuFeagn59oXu-v8NhauMaSC30fIODHypeAQUmZ1s1fAPiiKADNlg9FaddUfepjoV5FOF6vOir5AYu2DXpE9JKqfVjX5BbaUGO0H71-5_MaAkkcw3nilIamH-itU5uyc1Y3ck2KSVTbZpP-MMIMOCH3SM2HFN_pt3gZsQ_d3kQxvRVE_PPk7abe7D87sjTBFl86vI2NUxyRM5W7bCzz4ke6mbyyLQXX3RBzud9c7UuJRIi1xRiAuQ9Sok9FrlI1HaCO3SQsU3eltc2nTy5iDoggOLbMVzKH7Ts_EWpboAyCroBDHQJMx_eB0pTPSvahkHODArf9tf7Fs6bU1uGc3C43wz34wkBbb11n9nFr2vMGHOLO8fcEpu6GWJsFIgotIXuVE-qt28VRjjGr0dyA0rAFqn8dPZfKsOM93Mta46d8XgOJq-NV8AADGWTGBSmhI8GGwz8tcCbkyG1vNAPcZjG7vjCYX3CYv288j1t7OrxLzHOGpazwTDg-u-jXviUQ5sqL1-t36hGWNNjtkVfH_0Aao-mO-3bX3Wm3dvcRVYzu7vzUz7Z3QQhTLmvoXpkdAHxAwSrzyKfljuboBCCdxjhJIAEo5PaqMcmt-3j6sl3HOs_19R0tA&cid=CAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM&rfl=1%2Chttps%253A%252F%252Fpt.gastromium.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 May 2022 21:14:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5BF0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZVorNc4PdlsAqI80VXswz6CNBTOb13yfEBGoh1cxJH-7y-V93zbUeN3NMlu9bQfCBIrkYbemmsGGoRE-nKvOIDiftwo5cGb1ROw52Mcx-2jpFWZjgh6s6oClSaIrG4TFk1sjo_0IMcyTEXMU5uVK8_0zg0g&cry=1&dbm_d=AKAmf-C1G_Y2GhwbBJuAdBw8vDGUp7R1qzUxhOTMgxewFoay6ei2IdAE1jYzFA7ZtFki0NjZK5s62EmZNUEsHIkHjtjhhyFrL-7xU_W9x3TXf9mOOaxUV7KBeuP-hV5yafcIw-AZhsHS4PQQl2w4olilFUORQhyy2Mq6MuqKy1e7c4NrdWCgD0JucA6msy85b9Gm2sZ_c2_nwRCVhpkR-WvHEfANVektD8vlJ99vwiaccHh6yCWk8iTWmaBd5woVoI-JJbgGE6OfCam2HU56yPUeZzDc6lH2ORtgrKxyn9X7Zm64hbbB_BKc6CEpOSRc3qcO4FnKWxeTkn7b0hx20QmiMQwLZnN_n3TRnXan9uKwHQk4_LOSaUAInEfx-lkKsnmtInfyx7Bc8XKCZTBnJ62gyQbGuHejh2-E4KRIOMDkVz339pHt9TmCV27hVqg0Qa7jD2Bkgx9j0dgAN9adWnvXfiM_dVRTpk9Vfg7G_UrQZRiUOe0dxJ2tR04rbVeJdqKvUj-x-2uj8fh53OK5hL_9Jg4h5U8L39RSeW7sUReIIq34VRCgL5Ek78fJ427bUpxXoYRNIYQFrqKFFH3j5oOCsHrd-u2C8q6v3l9txoysNr9nCV8DRmuq8ipbEksJs4F8W9HIHU88Shmo-A-C9H15ge36Sdkec2h3cBOuPxW7JjRIiTvrgYfIN-Jv2KhuhVqWxpgkCzl4lQ4re-o49XQ7mGSguub6HVqDFb9mg9lrpvhU1BB945QYr9Ial91-HCaiJKPuYtnf-d0cqNG6acQ3VIiifdJjceYe8L-GCeBtM1n2Zlj5OwN-USc-fxQ_kvjfO00MGEC9aAX7yUtxtWkCIeKaYFR_h4ncEv-bxlkCc-IT58TlQUydik0ZL-AIkwYDNXMJLirqVHsLfTD_BgKtRF9aFNCrqrZpLYJwl1ZNufIYaWjt7iY_dEgf7n-o8lDbTkFbhtzu5fItHtsa1B8dcNJCk5nTN5gIDdcsJZEYh7XBV_qNLBk2-wEikqmRsCUKDu4x4Dyg9wZTZhg8gdjoiPG4hTnJmDPfBhtnb2etSsl0JeOwxLNreSOXRCbcMcc9eVYIj1ms5jvPZBK8ZL4TgQoBR2qEaSAwtRUPgsc4vBfCm4NtosMxS-5Ka0ct1g3eZBvspbo3gbUl4TnhXmdDPMMrRLlVwTBSl7CND6AT3QzWPlf9ipFykg85kbBN1TJ-sHJOnTZ7NdQWEc0Owo4TSnRxV0T0YIvj9-b6cTwhWGlwHFyX1O8qEX2skOvNLvg9BcSCHADSixlqArS8sLEM8x93RSA0Wqt7vznp40U90ymymhcJ2WMoeutfHtnLISSdbV-8ozbFZ1PU26XcJgJn41dBb8kdIAPdu178_19kEPBhTnIjnjAGPVMP_2Dx6_TSBdM_MrWCsqYgdEAT7W3LpyTnSb3DfY_N1ovfrClXl-TyZhyo2rvYIYQJliOZA4PtFHqbbJXcBMt9eMzGvlRMxmUumSkfv0dG3FaxujHpusmqJbMz7Lu-0yKlwGqDGkdkVES8Wn1JbFgxUq0taKI3Maj_s4CMwJfMqNyUmr-pz9u9BwaYGf8Owst2B5o8kKteZfOUAL0KrSIj0xTwJmRcwdP0lRR5OzHR3kbTvTHZ061Jh4JzffqZOdKkRZ0GdCOCYiAx0tiwGLB1-IEzLKkEDr8OWcZA19CRd9HE8RtqJu-LsnukzCfBaLPaubwoWJr100tC9pMmYhB9Ca6LigBSy1O6qCNDDA9lOMIgXyO6Ebiqko1HA_m7ljXclEOYMx4GZYs_lIfOIbjmTZ0LAPwezbmYLBzJkXWeAVftUbCWBSdmAovSv4SOtUU9vx94pTWhxn1BlLfte_7rJcDmZj1Ygq6kRKpfEhiSX63yxTiBdSanE2QUA-K36o3sFTu4YuDx2sIa7t89N5_1gWX51ufydkaawg7hGQhLK4HdLLo_gCc2yPUrzJx3AKgv_r1vIHPCpVlOJ4WgFoc1jAtXAyg2TLLlp5qBcMI2716KkiLr8nheMqIPKG4M7MQCTMiokrvzkbwnBC8QXjDcrZFIdsf9FE0_uBvnvyqoWqkJdeT1LflyDip1FMRYZDrSW8NsrOOrnIZ1gBoiKHGBn8FvsNExkmsADqwDYxhMly0_mRyUHWDpWdF43fc_yATRr4s55QlPB81awQNsyAd2DIKfUqtpM6z4Bz4F8IQ4s9QBgggcwyETnFVqlah1l_hN32fFFvLo_47Irf1e-17M7S7Jeo5-LxqAVgQlKi9Fzk0Mk7qPHwQT8GjcKkbqzMhunnMXaqK_QWN5CvI5xNCRQdzhOYt8rJGL3vMw-dbb2WU2U1rJ0XsUwh-XNBDIfv-LN8zapSn2ofPzJbl-ipuU1nDPmM-W3JkwEDz_CDyJTmeP-ZDwZfMzzh524E9erma5bwngA-riVXF77ZGsMEe-8mn-VVUb5RePbXk69Xw3HIf39YrLN_UDZ3SbreaIz5mPp5bvVKW1iYOXTsvCvBnrAu3oztnIdSep26MtzKytRXrob7OEGSms1-nDat1WlG0n3VGLNSdg96GlLTatAvkQMykLZ3n-1cR8Jk9mBeYOkq9lqSa3irxYVC1w7OSxfoLXPXzZNcpxrlpKNaZLj4JIoDfYBirZZWMvCURSG-AlqQm8Ua2O3PeLsLHZvOj0klP1d1Q65V1NGsua4ltc8lNRoUHbcX7pkurogrprhjS3XuOiyHUJZW4fvSr0rYWJxBCmk3NFxJwQiE129GXFi1EFB20X8h5aBd_S45PBsqOvoTIIyMQhlKJtqJk5_I-PD58LkF9J2gqGr6dTtOiVRy2xbsIFWytxHg_wBBOfwUT3aI9DyA5MI2aPc1M0zBbeEzD2dRLUq3yKYmAUr79DtwJFuSe7I1SI7HRHWVhYuCVkJN-cLaqsZo-Z_KZ7NhY943UMf6e68AZEmXMymG4e5m1m_ASZ8PeebKeFdRzJBTR3PVO0i7ByaxZgIcINBZl1DGlrYf1SjYTNYbgus30PKJT4gL5coZWo9CkxkPzzVLdMsrSwWLem834qXIKr_ZAMqejIcTdlpACqQR5f0kYln6E3haYGYnm9agfTdilhXMMJHye4ERn-JhT75Iy_FyG2ugm787u_OflgpU85KMYnlFofnHeQHOFu3U8pC2bbsqaGQ6-XsLB8JlmjX-EKLfX0oYvqH5Qf8-0SJDbuBwgFk7c2C8VH-yUFuGjSCmvfqKJ4Z9oj_QFE5Wk69d-jEy7TCEaqq9djoXsPy1w65fUsH0TH54AMBJqTIS8Zy4gE9AAZsQeu4xencNoRw8Nexb19RHXBJ-h1xXWDImNAOXFhZx4xsAzdJEgvWRzGelTsEHIOyuO0p9bCMJ2_hUYgTeTd7dTXAnYvA3BqvcCwehDg13t1Avj_NIbcWiWPNmb4xTjssHU-Vnc6vuC6Ji83Jr8PkQFwlXh8Ju26i325hXv2SXjVakpzOMSlYLye0rg6F9gykYzfGluQELTtDXY7XwNVVohQkVno7N_Qj5jLJgZmudxvCgt22VhqeEUybsO3DGRA3XqhIjSErfjQuFeagn59oXu-v8NhauMaSC30fIODHypeAQUmZ1s1fAPiiKADNlg9FaddUfepjoV5FOF6vOir5AYu2DXpE9JKqfVjX5BbaUGO0H71-5_MaAkkcw3nilIamH-itU5uyc1Y3ck2KSVTbZpP-MMIMOCH3SM2HFN_pt3gZsQ_d3kQxvRVE_PPk7abe7D87sjTBFl86vI2NUxyRM5W7bCzz4ke6mbyyLQXX3RBzud9c7UuJRIi1xRiAuQ9Sok9FrlI1HaCO3SQsU3eltc2nTy5iDoggOLbMVzKH7Ts_EWpboAyCroBDHQJMx_eB0pTPSvahkHODArf9tf7Fs6bU1uGc3C43wz34wkBbb11n9nFr2vMGHOLO8fcEpu6GWJsFIgotIXuVE-qt28VRjjGr0dyA0rAFqn8dPZfKsOM93Mta46d8XgOJq-NV8AADGWTGBSmhI8GGwz8tcCbkyG1vNAPcZjG7vjCYX3CYv288j1t7OrxLzHOGpazwTDg-u-jXviUQ5sqL1-t36hGWNNjtkVfH_0Aao-mO-3bX3Wm3dvcRVYzu7vzUz7Z3QQhTLmvoXpkdAHxAwSrzyKfljuboBCCdxjhJIAEo5PaqMcmt-3j6sl3HOs_19R0tA&cid=CAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM&rfl=1%2Chttps%253A%252F%252Fpt.gastromium.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 15:03:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22479
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 15:03:03 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 981A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 19:38:34 GMT
expires
Thu, 20 Apr 2023 19:38:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 5BF0 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: a1.adform.net
URL: https://a1.adform.net/adfscript/?bn=54370173;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C2AjRdXhgYpvmONWArATVtLFQjNSlwmnh4Kaw8A-Tz8zD8BYQASCqgMMiYJWCi4KYB6ABk6aPvgPIAQmpAnNrg7_rOrI-qAMBqgTzAU_QBkxT3_OqlHbm8ENIcGEYsXDMWFqSrNHj5g1HJKzY__4WqPr6Eri70S7IaNct5vT-x6R9dxRJ3whDaUhXvqsr4vjgAPiT76U-LQYiHbBlcQARMya6oVIUemOVRQyBwmy38uZqWOkaoXdgjuApE4gIg9cL3mPMqtz4SX4xk6B2sQuWCrEEO_1nnug6UkF5mE-CMv_SqADyKDGT6_Dt0M4wGFlJh9wkh3KpqR-mWuCG02F5baYs0Ehv8oNJXIgHQ_ZAjTZschEOSqyE_J-ebOpIXb6deILncF3he3ulZfL88CRU5-L_5k0zjHCAm1afUUje18AE_d30tO0D4AQDkAYBoAZNgAfV2fBBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDmAsByAsBgAwBsBPyxPEO2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM&sig=AOD64_3Dt4pqVVDGYTPcVatMb1bMopuWSA&client=ca-pub-5512390705137507&dbm_c=AKAmf-AtdCP1VkwCBIotEGyNkiyXnDjaWDY_JTubhEOZKtlyVVmHu-KosQzErj9qAhXXET_cdFAQpjcQQJ6iHebbo-SENhlsi4GCLUksVFCYCy-HajIFSy_Y_D_FaYaarAUOHI05bYnL6HKqgYbQQ3z_KT-zwWO1AQ&cry=1&dbm_d=AKAmf-CIYdl7kABONjsYfnJpWgvG66YRaJcEZyieQzOBvzPkph5pYR64a52zql11f1DFaPTISZUZcuKd4OJ3L4v-gbAAsqH_0cYp7zn6XvwyHMTZW4iMGH-JS7_f08uqkZRDJ8jycFztapozD6T2XvJHRrUGcdRHCUnfZ3FLyB9lmjPXagVxOdUVdksH96P54t5mUff1ac_GQyvZbREnScG-BWH775CDxfkB_MHwiKIKq1sa9yTS6H8hv2LtccHqA2cvRu1Ri1Hw2nWMG96ziK8FqNvanvu2CMHQMfCMVQgBLUVGvI0ds3hPz8jEOMrWZ-z90qd5ZnXe4I1b4xfscam9CYd4bOoCTKGUOKhRAmCaOvUNYhJh3NT_EHxo0eqiwYohwPFPpvD_iPv5xGj1LocBqE1TJWkARHJX0vhnje65XSSGcovl6LeTNWuncxOEn-qxMtOz3yFiKRm5POA4oq7W5eorWxlcwg&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:42 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 22 Apr 2022 00:10:15 GMT
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 981A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 13:09:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
29319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Apr 2023 13:09:03 GMT
/
a1.adform.net/adfserve/ Frame 5BF0 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/adfserve/?CC=1&bn=54370173;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C2AjRdXhgYpvmONWArATVtLFQjNSlwmnh4Kaw8A-Tz8zD8BYQASCqgMMiYJWCi4KYB6ABk6aPvgPIAQmpAnNrg7_rOrI-qAMBqgTzAU_QBkxT3_OqlHbm8ENIcGEYsXDMWFqSrNHj5g1HJKzY__4WqPr6Eri70S7IaNct5vT-x6R9dxRJ3whDaUhXvqsr4vjgAPiT76U-LQYiHbBlcQARMya6oVIUemOVRQyBwmy38uZqWOkaoXdgjuApE4gIg9cL3mPMqtz4SX4xk6B2sQuWCrEEO_1nnug6UkF5mE-CMv_SqADyKDGT6_Dt0M4wGFlJh9wkh3KpqR-mWuCG02F5baYs0Ehv8oNJXIgHQ_ZAjTZschEOSqyE_J-ebOpIXb6deILncF3he3ulZfL88CRU5-L_5k0zjHCAm1afUUje18AE_d30tO0D4AQDkAYBoAZNgAfV2fBBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDmAsByAsBgAwBsBPyxPEO2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM&sig=AOD64_3Dt4pqVVDGYTPcVatMb1bMopuWSA&client=ca-pub-5512390705137507&dbm_c=AKAmf-AtdCP1VkwCBIotEGyNkiyXnDjaWDY_JTubhEOZKtlyVVmHu-KosQzErj9qAhXXET_cdFAQpjcQQJ6iHebbo-SENhlsi4GCLUksVFCYCy-HajIFSy_Y_D_FaYaarAUOHI05bYnL6HKqgYbQQ3z_KT-zwWO1AQ&cry=1&dbm_d=AKAmf-CIYdl7kABONjsYfnJpWgvG66YRaJcEZyieQzOBvzPkph5pYR64a52zql11f1DFaPTISZUZcuKd4OJ3L4v-gbAAsqH_0cYp7zn6XvwyHMTZW4iMGH-JS7_f08uqkZRDJ8jycFztapozD6T2XvJHRrUGcdRHCUnfZ3FLyB9lmjPXagVxOdUVdksH96P54t5mUff1ac_GQyvZbREnScG-BWH775CDxfkB_MHwiKIKq1sa9yTS6H8hv2LtccHqA2cvRu1Ri1Hw2nWMG96ziK8FqNvanvu2CMHQMfCMVQgBLUVGvI0ds3hPz8jEOMrWZ-z90qd5ZnXe4I1b4xfscam9CYd4bOoCTKGUOKhRAmCaOvUNYhJh3NT_EHxo0eqiwYohwPFPpvD_iPv5xGj1LocBqE1TJWkARHJX0vhnje65XSSGcovl6LeTNWuncxOEn-qxMtOz3yFiKRm5POA4oq7W5eorWxlcwg&adurl=;js=1;adfxid=1x;1620;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fpt.gastromium.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6641008867050c9eb3c05eb62649430560d4c04287c2eaa6b84ac525e066440b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:42 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3867
expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 981A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvWkgdnhgYqaRHcTI3gPN2LW4CwAAAAA4AeAEAg&bg=!HR6lHlrNAAZvJBiFTyQ7ACkAdvg8WrzEUIGeCtU8gJgAoMwgZeCrsPsnajJZV_c60Laqv8NSWymD-QIAAAByUgAAAANoAQeZAviggstkCBkFq1maepDXFOwr_3WpGdobH3vc_ZuKRFLNWu0C6Vma440AzZ1lU6VLM84URRaTuERRWOjnzfw5dpsqq-LlfIf2bt1MN_2gXYYEntHK7lrSU2I3io-pYX_ov1qYD_fuax9vIW1u5wDhZCw7RwOu260NNG0hjuJH0qtVgHVYAO2JawusmUmfPCEw5EPm8aT69Z494mslbyzYYSmEkR0eAZFcEP1Q78-8keEijAcvBRPLx2oepB8mRy7oBXMcMRSPnqqEqoF-8ePbbpNgJmNPdPx1XhBIQ5jpgZICkbAP4LFkG4MNMcMlUhl9Zfah7UHX1jEVjBF5wxoH-VIqL3FPBhEnOQ55VW_pP52uiV29A7tVwz-FyXBGH7EW9Bx8VFlvtKmfPuyx0YzlOt6PKhJYZhRtmy-6zJLHNaPyR3bv83TrE_3MQyxjVKyd_siZZL-cLd8Anzp7l138OlKTffRL4qK9n2e3weBnARzvwSiPlXKqP-fWM0tW5AH0A-sRRNtZGWsSTTW8Kx4BBAALGTKGSVfQwbXCLHT_xfH-UsLfSE-1nkmPnlU7Qb65wQ3O1HXGK_ePy9MYnGoEwq2JaP7gC2nQA00qqg0IRqe_vswxZyZjFGXPugDBncaIG3f5cJX83w0NM6xNMk4QmFtGturABZQHLjZU3Q7z-9zsCj-FXMDXOFM-nGyErEIKwzYuxOo39JT21VKjKeY5dT75KV-UZ9qmRwEZF5ODz0kpUsQD6yvkgNZx0vierbnZ4gP1D-vqM-sZUwPLUcY8Md0OdWivPpONJ_kjwJ-aBTvXFl6R3YpopDWSBODghxUEqFQPq67ORbd1449xUkPLKOYfMFA1qUgcCmRZ1IrfuHubVY5NpJxOmEftJWyIdbmTmS8RVM1gQg0i9o88DySrOCXwMsvKEXY82d08pAwXHaq9JBHzLB_m92rTovRtEwmnrtaVkViwWsMVHhvur6mQcp1BmMdiMcaKJ7gzUBlixMrfKVKHn4M8aJf4
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1x1.b
mm.melia.com/dynview/melia-com/ Frame 5BF0 		111 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=mhi_dbm&ead-name=3_EMEA_PT_C_DE_p-mhi_dbm&ead-location=display_Prospecting_DE-728x90_de&ead-creative=DE-mhi_dbm-c_presummer_tenerife_videoinbanner-728x90_de&ead-creativetype=728x90_de&eseg-name=campaign&eseg-item=presummer&ead-mediaplan=DE-Prospecting&ea-rnd=94918&adfrmid=4580191850441670230
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.232.197.110 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
ml.eulerian.net
Software
EWS /
Resource Hash
0609b70c35eab974a2c2d99d6da5d84d95b97f9fe3d28828710d04835153cb20
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date
Wed, 20 Apr 2022 21:17:43 GMT
X-Content-Type-Options
nosniff
Server
EWS
Strict-Transport-Security
max-age=604800
Content-Type
image/png
Cache-Control
max-age=0, private
Connection
Close
Accept-Ranges
none
X-Robots-Tag
noindex
Content-Length
111
X-XSS-Protection
0
truncated
/ Frame 5BF0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6925ae375f5bcb499afa1b69bd0438e8d897d4f6d9d4915c7ab617cb9e5378cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 5BF0 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:42 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 22 Apr 2022 00:11:14 GMT
/
a1.adform.net/csimpr/ Frame 5BF0 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/csimpr/?bn=54370173&csi=cAb9F1GmrwcABuAv-PJPp-Zgcigwt8P6CpdRT7VHHo_rygPkIxxfk7s2cSM5xQvBSgVeY-2R7m__kTnYLfrTXN6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
11022066.js
s1.adform.net/Banners/Elements/Files/63577/11022066/ Frame F63D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/63577/11022066/11022066.js?ADFassetID=11022066&bv=257
Requested by
Host: pt.gastromium.com
URL: https://pt.gastromium.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
879cab3d6755806dfc9a395f8a3cfd0978cfab8897d55fda48ad06ef09bb9003
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:42 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 08:10:55 GMT
server
nginx
etag
W/"6232ed0f-7b0"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame F63D
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:43 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:21 GMT
server
nginx
etag
W/"609e6e89-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date
Wed, 20 Apr 2022 21:17:42 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
6232eccb9663a849c8c24941
c.bannerflow.net/a/ Frame F63D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/6232eccb9663a849c8c24941?did=5ced02fe0fd60d000186f5ac&redirecturl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2AjRdXhgYpvmONWArATVtLFQjNSlwmnh4Kaw8A-Tz8zD8BYQASCqgMMiYJWCi4KYB6ABk6aPvgPIAQmpAnNrg7_rOrI-qAMBqgTzAU_QBkxT3_OqlHbm8ENIcGEYsXDMWFqSrNHj5g1HJKzY__4WqPr6Eri70S7IaNct5vT-x6R9dxRJ3whDaUhXvqsr4vjgAPiT76U-LQYiHbBlcQARMya6oVIUemOVRQyBwmy38uZqWOkaoXdgjuApE4gIg9cL3mPMqtz4SX4xk6B2sQuWCrEEO_1nnug6UkF5mE-CMv_SqADyKDGT6_Dt0M4wGFlJh9wkh3KpqR-mWuCG02F5baYs0Ehv8oNJXIgHQ_ZAjTZschEOSqyE_J-ebOpIXb6deILncF3he3ulZfL88CRU5-L_5k0zjHCAm1afUUje18AE_d30tO0D4AQDkAYBoAZNgAfV2fBBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDmAsByAsBgAwBsBPyxPEO2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM%26sig%3DAOD64_3Dt4pqVVDGYTPcVatMb1bMopuWSA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-AtdCP1VkwCBIotEGyNkiyXnDjaWDY_JTubhEOZKtlyVVmHu-KosQzErj9qAhXXET_cdFAQpjcQQJ6iHebbo-SENhlsi4GCLUksVFCYCy-HajIFSy_Y_D_FaYaarAUOHI05bYnL6HKqgYbQQ3z_KT-zwWO1AQ%26cry%3D1%26dbm_d%3DAKAmf-CIYdl7kABONjsYfnJpWgvG66YRaJcEZyieQzOBvzPkph5pYR64a52zql11f1DFaPTISZUZcuKd4OJ3L4v-gbAAsqH_0cYp7zn6XvwyHMTZW4iMGH-JS7_f08uqkZRDJ8jycFztapozD6T2XvJHRrUGcdRHCUnfZ3FLyB9lmjPXagVxOdUVdksH96P54t5mUff1ac_GQyvZbREnScG-BWH775CDxfkB_MHwiKIKq1sa9yTS6H8hv2LtccHqA2cvRu1Ri1Hw2nWMG96ziK8FqNvanvu2CMHQMfCMVQgBLUVGvI0ds3hPz8jEOMrWZ-z90qd5ZnXe4I1b4xfscam9CYd4bOoCTKGUOKhRAmCaOvUNYhJh3NT_EHxo0eqiwYohwPFPpvD_iPv5xGj1LocBqE1TJWkARHJX0vhnje65XSSGcovl6LeTNWuncxOEn-qxMtOz3yFiKRm5POA4oq7W5eorWxlcwg%26adurl%3Dhttps%3A%2F%2Fa1.adform.net%2FC%2F%3Fbn%3D54370173%3Badfibeg%3D0%3Bcdata%3DiRC99z5vOMPfr60UZvDexRUvVRr7R6HAMIIiXYcp__IJZer4nXJh397BVCKwDaW4_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJGPDAS6SYZuRruII-PWhzuh4NlTRu_ZN8Whdna3tHPxJ1YQwKoa9vEimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fpt.gastromium.com%3BC%3D1&domain=https%3a%2f%2fc1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com%2f&targetwindow=_blank
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929d9e7f809aae29b56c16a40ca6c2b190a9385a786a0bdd4dcdf4f9c450fd7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cf-ray
6ff0e88a5b250221-ZRH
link
<https://c.bannerflow.net/accounts/melia-hotels-international/59c9120b31ae8f128419d688/published/1957125/2252985/preload.jpg>; rel=preload; as=image
request-context
appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e
preload.jpg
c.bannerflow.net/accounts/melia-hotels-international/59c9120b31ae8f128419d688/published/1957125/2252985/ Frame F63D 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/melia-hotels-international/59c9120b31ae8f128419d688/published/1957125/2252985/preload.jpg
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95123151b63c2ac4a243f8ac1e0f11895292b5e9966a8fd0e96fb3760822ac8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Apr 2022 21:17:43 GMT
cf-cache-status
HIT
age
1659064
content-length
9504
x-ms-lease-status
unlocked
last-modified
Mon, 21 Mar 2022 08:48:04 GMT
server
cloudflare
etag
0x8DA0B17837D5039
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
1c49a563-501e-009b-6ae5-452c23000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6ff0e88abbc50221-ZRH
cf-bgj
h2pri
widget.312873177f7c8c26c3a1.js
c.bannerflow.net/scripts/ Frame F63D 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.312873177f7c8c26c3a1.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6232eccb9663a849c8c24941?did=5ced02fe0fd60d000186f5ac&redirecturl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2AjRdXhgYpvmONWArATVtLFQjNSlwmnh4Kaw8A-Tz8zD8BYQASCqgMMiYJWCi4KYB6ABk6aPvgPIAQmpAnNrg7_rOrI-qAMBqgTzAU_QBkxT3_OqlHbm8ENIcGEYsXDMWFqSrNHj5g1HJKzY__4WqPr6Eri70S7IaNct5vT-x6R9dxRJ3whDaUhXvqsr4vjgAPiT76U-LQYiHbBlcQARMya6oVIUemOVRQyBwmy38uZqWOkaoXdgjuApE4gIg9cL3mPMqtz4SX4xk6B2sQuWCrEEO_1nnug6UkF5mE-CMv_SqADyKDGT6_Dt0M4wGFlJh9wkh3KpqR-mWuCG02F5baYs0Ehv8oNJXIgHQ_ZAjTZschEOSqyE_J-ebOpIXb6deILncF3he3ulZfL88CRU5-L_5k0zjHCAm1afUUje18AE_d30tO0D4AQDkAYBoAZNgAfV2fBBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDmAsByAsBgAwBsBPyxPEO2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM%26sig%3DAOD64_3Dt4pqVVDGYTPcVatMb1bMopuWSA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-AtdCP1VkwCBIotEGyNkiyXnDjaWDY_JTubhEOZKtlyVVmHu-KosQzErj9qAhXXET_cdFAQpjcQQJ6iHebbo-SENhlsi4GCLUksVFCYCy-HajIFSy_Y_D_FaYaarAUOHI05bYnL6HKqgYbQQ3z_KT-zwWO1AQ%26cry%3D1%26dbm_d%3DAKAmf-CIYdl7kABONjsYfnJpWgvG66YRaJcEZyieQzOBvzPkph5pYR64a52zql11f1DFaPTISZUZcuKd4OJ3L4v-gbAAsqH_0cYp7zn6XvwyHMTZW4iMGH-JS7_f08uqkZRDJ8jycFztapozD6T2XvJHRrUGcdRHCUnfZ3FLyB9lmjPXagVxOdUVdksH96P54t5mUff1ac_GQyvZbREnScG-BWH775CDxfkB_MHwiKIKq1sa9yTS6H8hv2LtccHqA2cvRu1Ri1Hw2nWMG96ziK8FqNvanvu2CMHQMfCMVQgBLUVGvI0ds3hPz8jEOMrWZ-z90qd5ZnXe4I1b4xfscam9CYd4bOoCTKGUOKhRAmCaOvUNYhJh3NT_EHxo0eqiwYohwPFPpvD_iPv5xGj1LocBqE1TJWkARHJX0vhnje65XSSGcovl6LeTNWuncxOEn-qxMtOz3yFiKRm5POA4oq7W5eorWxlcwg%26adurl%3Dhttps%3A%2F%2Fa1.adform.net%2FC%2F%3Fbn%3D54370173%3Badfibeg%3D0%3Bcdata%3DiRC99z5vOMPfr60UZvDexRUvVRr7R6HAMIIiXYcp__IJZer4nXJh397BVCKwDaW4_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJGPDAS6SYZuRruII-PWhzuh4NlTRu_ZN8Whdna3tHPxJ1YQwKoa9vEimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fpt.gastromium.com%3BC%3D1&domain=https%3a%2f%2fc1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com%2f&targetwindow=_blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac12c45b91c1e960c86dca2b137081c6e861123624d08442f5a80ff24be47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Apr 2022 21:17:43 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
HZEQkVfbP7Jm3zV8y9pNcA==
age
3734135
cf-polished
origSize=19187
x-ms-lease-status
unlocked
last-modified
Mon, 07 Mar 2022 14:49:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
acda45bd-d01e-0085-4d05-33c0fb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6ff0e88adbf30221-ZRH
cf-bgj
minify
document.64441b2ae6.js
c.bannerflow.net/accounts/melia-hotels-international/59c9120b31ae8f128419d688/published/1957125/2252985/ Frame F63D 		90 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/melia-hotels-international/59c9120b31ae8f128419d688/published/1957125/2252985/document.64441b2ae6.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6232eccb9663a849c8c24941?did=5ced02fe0fd60d000186f5ac&redirecturl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2AjRdXhgYpvmONWArATVtLFQjNSlwmnh4Kaw8A-Tz8zD8BYQASCqgMMiYJWCi4KYB6ABk6aPvgPIAQmpAnNrg7_rOrI-qAMBqgTzAU_QBkxT3_OqlHbm8ENIcGEYsXDMWFqSrNHj5g1HJKzY__4WqPr6Eri70S7IaNct5vT-x6R9dxRJ3whDaUhXvqsr4vjgAPiT76U-LQYiHbBlcQARMya6oVIUemOVRQyBwmy38uZqWOkaoXdgjuApE4gIg9cL3mPMqtz4SX4xk6B2sQuWCrEEO_1nnug6UkF5mE-CMv_SqADyKDGT6_Dt0M4wGFlJh9wkh3KpqR-mWuCG02F5baYs0Ehv8oNJXIgHQ_ZAjTZschEOSqyE_J-ebOpIXb6deILncF3he3ulZfL88CRU5-L_5k0zjHCAm1afUUje18AE_d30tO0D4AQDkAYBoAZNgAfV2fBBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDmAsByAsBgAwBsBPyxPEO2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM%26sig%3DAOD64_3Dt4pqVVDGYTPcVatMb1bMopuWSA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-AtdCP1VkwCBIotEGyNkiyXnDjaWDY_JTubhEOZKtlyVVmHu-KosQzErj9qAhXXET_cdFAQpjcQQJ6iHebbo-SENhlsi4GCLUksVFCYCy-HajIFSy_Y_D_FaYaarAUOHI05bYnL6HKqgYbQQ3z_KT-zwWO1AQ%26cry%3D1%26dbm_d%3DAKAmf-CIYdl7kABONjsYfnJpWgvG66YRaJcEZyieQzOBvzPkph5pYR64a52zql11f1DFaPTISZUZcuKd4OJ3L4v-gbAAsqH_0cYp7zn6XvwyHMTZW4iMGH-JS7_f08uqkZRDJ8jycFztapozD6T2XvJHRrUGcdRHCUnfZ3FLyB9lmjPXagVxOdUVdksH96P54t5mUff1ac_GQyvZbREnScG-BWH775CDxfkB_MHwiKIKq1sa9yTS6H8hv2LtccHqA2cvRu1Ri1Hw2nWMG96ziK8FqNvanvu2CMHQMfCMVQgBLUVGvI0ds3hPz8jEOMrWZ-z90qd5ZnXe4I1b4xfscam9CYd4bOoCTKGUOKhRAmCaOvUNYhJh3NT_EHxo0eqiwYohwPFPpvD_iPv5xGj1LocBqE1TJWkARHJX0vhnje65XSSGcovl6LeTNWuncxOEn-qxMtOz3yFiKRm5POA4oq7W5eorWxlcwg%26adurl%3Dhttps%3A%2F%2Fa1.adform.net%2FC%2F%3Fbn%3D54370173%3Badfibeg%3D0%3Bcdata%3DiRC99z5vOMPfr60UZvDexRUvVRr7R6HAMIIiXYcp__IJZer4nXJh397BVCKwDaW4_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJGPDAS6SYZuRruII-PWhzuh4NlTRu_ZN8Whdna3tHPxJ1YQwKoa9vEimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fpt.gastromium.com%3BC%3D1&domain=https%3a%2f%2fc1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com%2f&targetwindow=_blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c417546ab95f377359977407b1c777b74643ef2f7e5eb6aaf410ce540c462a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Apr 2022 21:17:43 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
ZEQbKub/JHrdQz//0StmlA==
age
1659063
cf-polished
origSize=94267
x-ms-lease-status
unlocked
last-modified
Mon, 21 Mar 2022 08:48:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8b9a6aa5-201e-0038-55e5-4549e6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6ff0e88adbf50221-ZRH
cf-bgj
minify
animated-creative.113bb23e864a7f983e9d.js
c.bannerflow.net/scripts/ Frame F63D 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.113bb23e864a7f983e9d.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6232eccb9663a849c8c24941?did=5ced02fe0fd60d000186f5ac&redirecturl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2AjRdXhgYpvmONWArATVtLFQjNSlwmnh4Kaw8A-Tz8zD8BYQASCqgMMiYJWCi4KYB6ABk6aPvgPIAQmpAnNrg7_rOrI-qAMBqgTzAU_QBkxT3_OqlHbm8ENIcGEYsXDMWFqSrNHj5g1HJKzY__4WqPr6Eri70S7IaNct5vT-x6R9dxRJ3whDaUhXvqsr4vjgAPiT76U-LQYiHbBlcQARMya6oVIUemOVRQyBwmy38uZqWOkaoXdgjuApE4gIg9cL3mPMqtz4SX4xk6B2sQuWCrEEO_1nnug6UkF5mE-CMv_SqADyKDGT6_Dt0M4wGFlJh9wkh3KpqR-mWuCG02F5baYs0Ehv8oNJXIgHQ_ZAjTZschEOSqyE_J-ebOpIXb6deILncF3he3ulZfL88CRU5-L_5k0zjHCAm1afUUje18AE_d30tO0D4AQDkAYBoAZNgAfV2fBBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDmAsByAsBgAwBsBPyxPEO2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM%26sig%3DAOD64_3Dt4pqVVDGYTPcVatMb1bMopuWSA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-AtdCP1VkwCBIotEGyNkiyXnDjaWDY_JTubhEOZKtlyVVmHu-KosQzErj9qAhXXET_cdFAQpjcQQJ6iHebbo-SENhlsi4GCLUksVFCYCy-HajIFSy_Y_D_FaYaarAUOHI05bYnL6HKqgYbQQ3z_KT-zwWO1AQ%26cry%3D1%26dbm_d%3DAKAmf-CIYdl7kABONjsYfnJpWgvG66YRaJcEZyieQzOBvzPkph5pYR64a52zql11f1DFaPTISZUZcuKd4OJ3L4v-gbAAsqH_0cYp7zn6XvwyHMTZW4iMGH-JS7_f08uqkZRDJ8jycFztapozD6T2XvJHRrUGcdRHCUnfZ3FLyB9lmjPXagVxOdUVdksH96P54t5mUff1ac_GQyvZbREnScG-BWH775CDxfkB_MHwiKIKq1sa9yTS6H8hv2LtccHqA2cvRu1Ri1Hw2nWMG96ziK8FqNvanvu2CMHQMfCMVQgBLUVGvI0ds3hPz8jEOMrWZ-z90qd5ZnXe4I1b4xfscam9CYd4bOoCTKGUOKhRAmCaOvUNYhJh3NT_EHxo0eqiwYohwPFPpvD_iPv5xGj1LocBqE1TJWkARHJX0vhnje65XSSGcovl6LeTNWuncxOEn-qxMtOz3yFiKRm5POA4oq7W5eorWxlcwg%26adurl%3Dhttps%3A%2F%2Fa1.adform.net%2FC%2F%3Fbn%3D54370173%3Badfibeg%3D0%3Bcdata%3DiRC99z5vOMPfr60UZvDexRUvVRr7R6HAMIIiXYcp__IJZer4nXJh397BVCKwDaW4_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJGPDAS6SYZuRruII-PWhzuh4NlTRu_ZN8Whdna3tHPxJ1YQwKoa9vEimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fpt.gastromium.com%3BC%3D1&domain=https%3a%2f%2fc1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com%2f&targetwindow=_blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d545b0de5199928169a9eb70e4ea94a856936a826b1bc868619a7ff0a2f85bc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Apr 2022 21:17:43 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
n7+0gUkvpEd8QT4r3GPRkg==
age
3564476
cf-polished
origSize=145314
x-ms-lease-status
unlocked
last-modified
Mon, 07 Mar 2022 14:49:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4eab124d-901e-002d-1390-345e55000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6ff0e88adbf60221-ZRH
cf-bgj
minify
truncated
/ Frame F63D 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/webp
38868b3b-f280-463d-9842-927b20c596cf
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/ Frame ADA5 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/38868b3b-f280-463d-9842-927b20c596cf
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.113bb23e864a7f983e9d.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
668
font
c.bannerflow.net/fs/api/v2/ Frame F63D 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F59c910d931ae9c0318638256%2F58439817-62c3-4146-b079-bf26ee5c4e96.woff&t=%20GISTdehimnoru%C3%9F%C3%A4
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ccadf73a1fda71065011190d5644f48979b6095b0f6bbbfa64b8043c5fc2ed

Request headers

Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
Origin
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:43 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Mar 2022 19:06:57 GMT
server
cloudflare
age
2427046
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=58439817-62c3-4146-b079-bf26ee5c4e96-subset.woff
cf-ray
6ff0e88c8cbe23df-ZRH
expires
Thu, 23 Mar 2023 19:06:57 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5BF0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueJCMXyN7r9QHRGlO_94CTl-pgSIr3o6elYk5P-B9EI1BIacU4NlsrscdNNK_K2Z1i1AUoUd7uzoMdVeehIYIT4TReUu2aPxjmU3i1fkBjCmQhSnRKFA&sai=AMfl-YRwD8ydgnlGGiZXip-nQDaIrErmSF-_rkeUVJXL8X9bVnD3s9ne64UlTizt1bA6bfnSDISrKljcMeqZCUlqk3Jzpwu2FQY2CioAYmtU1g&sig=Cg0ArKJSzNywz722dcd9EAE&cid=CAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM&id=lidar2&mcvt=1052&p=1110,436,1204,1164&mtos=172,1052,1052,1052,1052&tos=172,880,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1160688025&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650489461728&rpt=353&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font
c.bannerflow.net/fs/api/v2/ Frame F63D 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F59c910d931ae9c0318638256%2F63565b7a-3d57-473d-8aa5-528f9c57fb18.woff&t=%20ABCEHLNTZisuz
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb08a7877623a64fa891caad146ec64c94e4cfee3108951848ceef9da5968c8d

Request headers

Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
Origin
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:43 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Mar 2022 19:50:42 GMT
server
cloudflare
age
2424421
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=63565b7a-3d57-473d-8aa5-528f9c57fb18-subset.woff
cf-ray
6ff0e88ced4a23df-ZRH
expires
Thu, 23 Mar 2023 19:50:42 GMT
font
c.bannerflow.net/fs/api/v2/ Frame F63D 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F59c910d931ae9c0318638256%2Fb8d39551-68ea-4ae7-9f0e-5ab5c1261bdd.woff&t=%20%25%2a-35KSegilnorstu
Requested by
Host: c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfff66f0285504658a03b932d7bc9451d655ea76dc758be3dad7750b57ed7999

Request headers

Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
Origin
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:43 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Mar 2022 19:50:42 GMT
server
cloudflare
age
2424421
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=b8d39551-68ea-4ae7-9f0e-5ab5c1261bdd-subset.woff
cf-ray
6ff0e88d1d9723df-ZRH
expires
Thu, 23 Mar 2023 19:50:42 GMT
optimize
c.bannerflow.net/io/api/image/ Frame 1DE4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmelia-hotels-international%2F59c9120b31ae8f128419d688%2Fimages%2Fa326ed08-c4ea-44d9-8af8-9453fe674daa.jpg&w=765&h=90&q=85&f=webp&rt=cover&x1=0&y1=591&x2=1600&y2=779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802f33a3941dcda9d727eae784ad9056e2618204b6e79bb8bcff0840e9762d62

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:17:43 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Apr 2022 09:56:05 GMT
api-supported-versions
2.0
age
40898
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6ff0e88da8050221-ZRH
content-length
1694
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
27624350-8080-45f5-8ac5-4bcbf8478d7e.svg
c.bannerflow.net/accounts/melia-hotels-international/59c9120b31ae8f128419d688/images/ Frame 1DE4 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/melia-hotels-international/59c9120b31ae8f128419d688/images/27624350-8080-45f5-8ac5-4bcbf8478d7e.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3109a82c3a2c23e65bf887a0c7d13be0a8c7a3d1468103051144cb9e84ad77

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 20 Apr 2022 21:17:43 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
5Xuj2A+y0C5AFucBYDjFgA==
age
3613
x-ms-lease-status
unlocked
last-modified
Fri, 18 Jun 2021 07:47:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
cba44f8b-801e-0031-2a48-3c0c35000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
6ff0e88db8310221-ZRH
pre-summer22_h_low.mp4
productsup.melia.com/production/ Frame 6C8A 		62 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://productsup.melia.com/production/pre-summer22_h_low.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-15.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Q6moKFDsjYlyK1W4.RP99wPb7MQNVV3h
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
etag
"88914c9106e744f92c40234550dec9b6"
last-modified
Mon, 21 Mar 2022 07:56:34 GMT
server
AmazonS3
age
901
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-788348/788349
date
Wed, 20 Apr 2022 21:03:59 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
Content-Length
788349
x-amz-cf-id
VmfJN9BSg2b28A0HGwT44XwGHlzYznBkWqHxyACZKb9tpzObui7D3A==
pre-summer22_h_low.mp4
productsup.melia.com/production/ Frame 6C8A 		34 KB
34 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://productsup.melia.com/production/pre-summer22_h_low.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-15.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b081da29fb0d2b34dd03b08da016d059bca2064de9cc5de2abd86dda92f22805

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range
bytes=753664-

Response headers

x-amz-version-id
Q6moKFDsjYlyK1W4.RP99wPb7MQNVV3h
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
etag
"88914c9106e744f92c40234550dec9b6"
last-modified
Mon, 21 Mar 2022 07:56:34 GMT
server
AmazonS3
age
901
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 753664-788348/788349
date
Wed, 20 Apr 2022 21:17:44 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
Content-Length
34685
x-amz-cf-id
_99_5rpn9tpwNZ5V7Jo5BEuoBk5rFGWxq6US4sdlqMvTaQpUnaNG5Q==
59c9120b31ae8f128419d688
c.bannerflow.net/tr/v2/pixel/ Frame F63D 		0
185 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/59c9120b31ae8f128419d688
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6232eccb9663a849c8c24941?did=5ced02fe0fd60d000186f5ac&redirecturl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2AjRdXhgYpvmONWArATVtLFQjNSlwmnh4Kaw8A-Tz8zD8BYQASCqgMMiYJWCi4KYB6ABk6aPvgPIAQmpAnNrg7_rOrI-qAMBqgTzAU_QBkxT3_OqlHbm8ENIcGEYsXDMWFqSrNHj5g1HJKzY__4WqPr6Eri70S7IaNct5vT-x6R9dxRJ3whDaUhXvqsr4vjgAPiT76U-LQYiHbBlcQARMya6oVIUemOVRQyBwmy38uZqWOkaoXdgjuApE4gIg9cL3mPMqtz4SX4xk6B2sQuWCrEEO_1nnug6UkF5mE-CMv_SqADyKDGT6_Dt0M4wGFlJh9wkh3KpqR-mWuCG02F5baYs0Ehv8oNJXIgHQ_ZAjTZschEOSqyE_J-ebOpIXb6deILncF3he3ulZfL88CRU5-L_5k0zjHCAm1afUUje18AE_d30tO0D4AQDkAYBoAZNgAfV2fBBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDmAsByAsBgAwBsBPyxPEO2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMpPlGud3BE4L6HKriagzJKpKAmz50sY5NF0CD_DIcmrfFFDUYT7BWQoM%26sig%3DAOD64_3Dt4pqVVDGYTPcVatMb1bMopuWSA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-AtdCP1VkwCBIotEGyNkiyXnDjaWDY_JTubhEOZKtlyVVmHu-KosQzErj9qAhXXET_cdFAQpjcQQJ6iHebbo-SENhlsi4GCLUksVFCYCy-HajIFSy_Y_D_FaYaarAUOHI05bYnL6HKqgYbQQ3z_KT-zwWO1AQ%26cry%3D1%26dbm_d%3DAKAmf-CIYdl7kABONjsYfnJpWgvG66YRaJcEZyieQzOBvzPkph5pYR64a52zql11f1DFaPTISZUZcuKd4OJ3L4v-gbAAsqH_0cYp7zn6XvwyHMTZW4iMGH-JS7_f08uqkZRDJ8jycFztapozD6T2XvJHRrUGcdRHCUnfZ3FLyB9lmjPXagVxOdUVdksH96P54t5mUff1ac_GQyvZbREnScG-BWH775CDxfkB_MHwiKIKq1sa9yTS6H8hv2LtccHqA2cvRu1Ri1Hw2nWMG96ziK8FqNvanvu2CMHQMfCMVQgBLUVGvI0ds3hPz8jEOMrWZ-z90qd5ZnXe4I1b4xfscam9CYd4bOoCTKGUOKhRAmCaOvUNYhJh3NT_EHxo0eqiwYohwPFPpvD_iPv5xGj1LocBqE1TJWkARHJX0vhnje65XSSGcovl6LeTNWuncxOEn-qxMtOz3yFiKRm5POA4oq7W5eorWxlcwg%26adurl%3Dhttps%3A%2F%2Fa1.adform.net%2FC%2F%3Fbn%3D54370173%3Badfibeg%3D0%3Bcdata%3DiRC99z5vOMPfr60UZvDexRUvVRr7R6HAMIIiXYcp__IJZer4nXJh397BVCKwDaW4_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJGPDAS6SYZuRruII-PWhzuh4NlTRu_ZN8Whdna3tHPxJ1YQwKoa9vEimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fpt.gastromium.com%3BC%3D1&domain=https%3a%2f%2fc1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com%2f&targetwindow=_blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Apr 2022 21:17:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6ff0e88efa370221-ZRH
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
pre-summer22_h_low.mp4
productsup.melia.com/production/ Frame 6C8A 		738 KB
739 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://productsup.melia.com/production/pre-summer22_h_low.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-15.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
746a0d35308dd72fc9d54a074ba3d3e534963ebd5b50646d99465a2be8f72012

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range
bytes=32768-

Response headers

x-amz-version-id
Q6moKFDsjYlyK1W4.RP99wPb7MQNVV3h
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
etag
"88914c9106e744f92c40234550dec9b6"
last-modified
Mon, 21 Mar 2022 07:56:34 GMT
server
AmazonS3
age
901
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 32768-788348/788349
date
Wed, 20 Apr 2022 21:17:44 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
Content-Length
755581
x-amz-cf-id
Xh-rJKvaS-WzYqI_1q0KVXzi29Wn_IjttczKqSkWeioMj4nnDCYoSw==
/
a1.adform.net/serving/unload/ Frame 5BF0 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/serving/unload/?version=15&unload=4580191850441670230@@54370173,7406067011308173950,100|1005|0|0|0|0|0|0|0||34|1|||||1|0|0|wttyaNguiY1cPlakbYq96dwWVGzN5KrR-OgBjUqUOj_BMjABfBv3AvL_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:44 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpt.gastromium.com%2F&domain=pt.gastromium.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pt.gastromium.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pt.gastromium.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 20 Apr 2022 21:17:44 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1594
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpt.gastromium.com%2F&domain=pt.gastromium.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=uaa9OnxtOFBBWFdXN1NIWit1TVFyRllQUE1nWFBIcVdEMXphaWY1cWk1WlhpOG9taURUS0RsOXQyeXZTOWlYM3Y4ZXByblN6aXpKbzB1MXhJU2tuOGc3cnhGZzJjNnBQc1ZuWVlDMHBJaC9WSVFTZCs5bm40ai9Pa1hnd2...
353 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uaa9OnxtOFBBWFdXN1NIWit1TVFyRllQUE1nWFBIcVdEMXphaWY1cWk1WlhpOG9taURUS0RsOXQyeXZTOWlYM3Y4ZXByblN6aXpKbzB1MXhJU2tuOGc3cnhGZzJjNnBQc1ZuWVlDMHBJaC9WSVFTZCs5bm40ai9Pa1hnd2tyWDRWWC9qTU01SllzRmYrQ05WQ2lFLzBQbG5nM2J2ZXA4OTNNb2FIYjJiVlNxcitEYW5HY3lwUndjVFk3U3UzS2JuZ3lNRVp3d08zN3J1emNDMCsrN3dkemMyd0hBT0xzZnRsSmNCbUo0WXNvalAyR2hVPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4aa064e30c12b08f3cc1cecdf6b5a75fed5f31b5f430734678913ae8df00e3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.gastromium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:44 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3098
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:44 GMT
location
https://mug.criteo.com/sid?cpp=uaa9OnxtOFBBWFdXN1NIWit1TVFyRllQUE1nWFBIcVdEMXphaWY1cWk1WlhpOG9taURUS0RsOXQyeXZTOWlYM3Y4ZXByblN6aXpKbzB1MXhJU2tuOGc3cnhGZzJjNnBQc1ZuWVlDMHBJaC9WSVFTZCs5bm40ai9Pa1hnd2tyWDRWWC9qTU01SllzRmYrQ05WQ2lFLzBQbG5nM2J2ZXA4OTNNb2FIYjJiVlNxcitEYW5HY3lwUndjVFk3U3UzS2JuZ3lNRVp3d08zN3J1emNDMCsrN3dkemMyd0hBT0xzZnRsSmNCbUo0WXNvalAyR2hVPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pt.gastromium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1978
content-length
482
expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uaa9OnxtOFBBWFdXN1NIWit1TVFyRllQUE1nWFBIcVdEMXphaWY1cWk1WlhpOG9taURUS0RsOXQyeXZTOWlYM3Y4ZXByblN6aXpKbzB1MXhJU2tuOGc3cnhGZzJjNnBQc1ZuWVlDMHBJaC9WSVFTZCs5bm40ai9Pa1hnd2tyWDRWWC9qTU01SllzRmYrQ05WQ2lFLzBQbG5nM2J2ZXA4OTNNb2FIYjJiVlNxcitEYW5HY3lwUndjVFk3U3UzS2JuZ3lNRVp3d08zN3J1emNDMCsrN3dkemMyd0hBT0xzZnRsSmNCbUo0WXNvalAyR2hVPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 20 Apr 2022 21:17:44 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
902
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
a1.adform.net/serving/unload/ Frame 5BF0 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/serving/unload/?version=15&unload=4580191850441670230@@54370173,7406067011308173950,100|4302|0|0|0|0|0|0|0||147|1|||||1|0|0|wttyaNguiY1cPlakbYq96dwWVGzN5KrR-OgBjUqUOj_BMjABfBv3AvL_QlhaeLlf0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:17:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime undefined| $ function| jQuery string| fl object| mLazyLoad boolean| __isGoogleAllowed object| googletag object| pbjs325474 function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| ggeac object| google_tag_data object| google_js_reporting_queue object| sas object| apntag object| _ADAGIO undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests

19 Cookies

Domain/Path Name / Value
pt.gastromium.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
prebid.a-mo.net/ Name: __amc
Value: 1_1650489461_1650489461
.gastromium.com/ Name: __gads
Value: ID=d0786e50886e175f:T=1650489461:S=ALNI_MZx7hsnb9z6-3gJvg_DeCLbQvJdtQ
.doubleclick.net/ Name: IDE
Value: AHWqTUls0eQxvr7FM7vQKBCrzzfGdHlv5K0-mY_KfTeGVtvLrGHWVe-SyBjswvgm0LI
.adform.net/ Name: C
Value: 1
.adnxs.com/ Name: uuid2
Value: 1550549662311233746
.casalemedia.com/ Name: CMPS
Value: 3219
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In7DMq8v!@wnfH8K6pQK`!5=E<*L5?%Lzde8X]7QO'7kNuDb]S/hKA_Aok9O%YVeq[%3%nugO%v4VB%nn$H)x'F<
.casalemedia.com/ Name: CMST
Value: YmB4dmJgeHYA
.casalemedia.com/ Name: CMRUM3
Value: 2d626078762760CAESEHqWKDNVwmdffjniT3iu4Ns
.casalemedia.com/ Name: CMID
Value: YmB4dikqvw8Pv.xIS2h2AQAA
.casalemedia.com/ Name: CMPRO
Value: 1115
.adform.net/ Name: uid
Value: 4580191850441670230
.adform.net/ Name: TPC
Value: 1650489462696
.melia.com/ Name: etuix
Value: GA2CDCgf9XyKhVpagHsw_rcIoLSeQLhoUiVF9r_ZKmOnX_p4Ac9_bQ--
.melia.com/ Name: et0
Value: 0q64ywB.oXm_r.foe84TtNBFXjP.QaVLPEcFjODVxMDunE3pmAgwgqKIxEwyTvG0HBccNgOZRQ1sYdVfPA3H10Ui.4hbyJLBNnsXqmIwy3FfO5bIm81J89V6nFiEb3.tocVNfZo._TrgzqDdZRNDvoRHOInR9Le6hYfb8GW1DMxz48NOz29pn1sxL68ZBT4_Nsm9
.melia.com/ Name: et
Value: 1
pt.gastromium.com/ Name: cto_bundle
Value: u2E4-19SeVpWNWtjV05SSHJFVWklMkJBYXh6ZDZ5OElEYWwzM2NnTCUyQmFJYnVlJTJGbWUzJTJGZkVXbm5tWlFtek5rbyUyQlQ0WUVBbUtRU3Zhc2R2VlVzdXBocXRyR01LVHFoNWpBWnVyQk1kS3FnZlM2Mmx3SmpwZlcxc2RjTmFUaXlNQ01NWlhNSCUyQg
pt.gastromium.com/ Name: cto_bidid
Value: ehzLsV85MXZZOW5idVlBMTMlMkJMWlBjM0tEU0lkYTh5Mnc2UVFOVkslMkZqdUdhaVo2RUoyQU5oQXNIbDFkUTZlcW9mNXFDMk5ENzhuc0M2VFJjenBSSnVtUTNsR0ElM0QlM0Q

1 Console Messages

Source Level URL
Text
javascript warning URL: https://c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
The resource https://c.bannerflow.net/accounts/melia-hotels-international/59c9120b31ae8f128419d688/published/1957125/2252985/preload.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.adform.net
adservice.google.com
adservice.google.de
adx.adform.net
c.bannerflow.net
c1447ae206e13c22f98816145e2cc2f1.safeframe.googlesyndication.com
cdn.jsdelivr.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.gstatic.com
gastromium.com
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
mm.melia.com
mug.criteo.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid.a-mo.net
productsup.melia.com
pt.gastromium.com
s1.adform.net
script.4dex.io
securepubads.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
www.google.com
www.googletagservices.com
109.232.197.110
142.250.185.66
142.250.185.98
143.204.98.15
145.40.89.200
178.250.2.146
185.184.8.90
2600:9000:2156:d800:11:a4de:2580:93a1
2606:4700:20::681a:9a9
2606:4700::6810:5514
2606:4700::6810:c40
2a00:1450:4001:801::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638::1c
2a06:98c1:3120::7
2a06:98c1:3121::7
37.157.2.239
37.157.4.40
37.157.6.236
37.252.173.215
69.192.160.245
015ff670c3b5f5ef9737dd846216bc9f038d4caece1fc07d63edea131496f2c3
03647115fc5ced59028d61f42cce7045a2b960c8f56a81ff4636c1b580897f3f
059dc794c94666ec6d89d2c8e583554a358414d13a17fd4fb53daec1fc6ee2ad
0609b70c35eab974a2c2d99d6da5d84d95b97f9fe3d28828710d04835153cb20
08d28286d4abcf955dfb9064f5b8902c97c1242f3cb370510374be42e097d2a7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1b7eef02becfe85cc5ba4ef51803d14502ad7b7707d1531bf7cefc7b7f6c5349
1c2336b09355a3df32cdf44b4144dd8b822ef9a9797dd7ecb64017a1638ac539
1d9dec1a42c7e6469d9fb98ec6346b7cf6d6f89d53c202669da51ec11ff3a27b
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ec3e0f164a5c623a0b9215fe7df87f734a4b2aba52b7e4b0d02f828f28ad03a
21e74d132a0b3ffb28342753d1f84d0db7a1ab314e6411440ce4242f4a64334a
2c3109a82c3a2c23e65bf887a0c7d13be0a8c7a3d1468103051144cb9e84ad77
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
35769e7238b799549a503d104e97efe2d7d14058283793150db5e698a39c20e6
36adbd066c49c75e52cab1fe7449022eed10aa497120fbd90572fe0b15a8aee3
3bed460c8d9b5ca84c390278610d80bdc15c12abaa1481b85b1a375e1215aeda
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4aa064e30c12b08f3cc1cecdf6b5a75fed5f31b5f430734678913ae8df00e3ab
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5339c211c56ddbbcc09a6cd185f9c130e580b10f76d78ea24c9cb0c12c8b6f3b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5890fb18760cb4a94eaa0f87e756a2a9587c95e3b2c4c7f720e489b4540a55d5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
659ff6b596a7ddb648cd65a5429893be655629c0d36a7703817a63a0870ec020
6641008867050c9eb3c05eb62649430560d4c04287c2eaa6b84ac525e066440b
6925ae375f5bcb499afa1b69bd0438e8d897d4f6d9d4915c7ab617cb9e5378cb
6bdf0a19a4a57681cfdd0bf78d6217d9d76d0916bc826c6f034a606f1cd26809
6c6c12bef3e89c450899650e9bac6cd514fdec503d25b4d8b78dbe87c6f74bba
6ca8ffa3793893211b88ffda414c65d61a0d9a66a6cf571427b55912f6245ec0
6cb71a9f2730c7ec7e58f4f9c6e04da64b5a81ff7b9b7d86dfbc4c2e0b8f338b
6e35cea07072f1db2aebc7f7beb4c97d2f85d120b97e4af9f57718e54a3e47ca
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
746a0d35308dd72fc9d54a074ba3d3e534963ebd5b50646d99465a2be8f72012
759f46dd1c579d006477d697cd0ea850430caf1bacc7c81c24d807f5395f6df8
7ac12c45b91c1e960c86dca2b137081c6e861123624d08442f5a80ff24be47de
802f33a3941dcda9d727eae784ad9056e2618204b6e79bb8bcff0840e9762d62
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
879cab3d6755806dfc9a395f8a3cfd0978cfab8897d55fda48ad06ef09bb9003
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
929d9e7f809aae29b56c16a40ca6c2b190a9385a786a0bdd4dcdf4f9c450fd7d
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
95123151b63c2ac4a243f8ac1e0f11895292b5e9966a8fd0e96fb3760822ac8c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
af1b9e267066e20238138c2de1a01b305036f80ad06070722616489ac16efa41
b081da29fb0d2b34dd03b08da016d059bca2064de9cc5de2abd86dda92f22805
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b88b1cf51f32e4381f312dfb3fbcdd7623488ace0014037a3c9555dc98db1e47
bb452c04a0dfc0a4e0b62b619eeb95116c80514a0a131d0e9bf45e4504d6859c
bbcad007c82a8c2ecb4352b5090d0856809573534f94618436f99d7c6b3aacdd
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c321245e6d62047e34eb64d468495376a05026060a19408588ba2dd9e552f1aa
c4ccadf73a1fda71065011190d5644f48979b6095b0f6bbbfa64b8043c5fc2ed
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
cb08a7877623a64fa891caad146ec64c94e4cfee3108951848ceef9da5968c8d
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cfff66f0285504658a03b932d7bc9451d655ea76dc758be3dad7750b57ed7999
d14aaebe8e038e156b3d4642ee65109b88beba193b4d4aca7e3f37bd7e4cb043
d19ebd96d32f8175f26342c76f20ca9b14d82181e9e44133365d98441d088abc
d1a55f91f4e7dc053bc57adf5f27245f263bf4e6a0b70ae5968b773e70a578a6
d3ec27e45967640c4d591479b849c14c1db30b9904432997928d80d3a8d1bd1f
d545b0de5199928169a9eb70e4ea94a856936a826b1bc868619a7ff0a2f85bc6
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
de97e3122124d4979e328055efa798f9699a4f977088e95ba779836cae8c9ddb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f6c417546ab95f377359977407b1c777b74643ef2f7e5eb6aaf410ce540c462a
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f
f91785ebfb4dd5e74defb93a45dae709d71eb1a46e4b3f2822426509dcda2ea2