heraldodemexico.com.mx Open in urlscan Pro
2606:4700::6812:1070 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/2LTxUF4
Effective URL:
https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explo...
Submission Tags: falconsandbox
Submission: On June 12 via api (June 12th 2021, 7:01:20 pm UTC) from US

Summary HTTP 254 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 56 domains to perform 254 HTTP transactions. The main IP is 2606:4700::6812:1070, located in United States and belongs to CLOUDFLARENET, US. The main domain is heraldodemexico.com.mx.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 7th 2021. Valid for: a year.

This is the only time heraldodemexico.com.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 40	2606:4700::68... 2606:4700::6812:1070	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	99.86.241.40 99.86.241.40	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
33	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	99.86.241.22 99.86.241.22	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	13.32.11.148 13.32.11.148	16509 (AMAZON-02) (AMAZON-02)
1	13.225.84.7 13.225.84.7	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
14	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
7 14	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 12	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
2 24	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 7	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
4 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
4 7	35.157.221.90 35.157.221.90	16509 (AMAZON-02) (AMAZON-02)
2 3	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
3 3	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	54.194.226.253 54.194.226.253	16509 (AMAZON-02) (AMAZON-02)
1 1	54.174.195.234 54.174.195.234	14618 (AMAZON-AES) (AMAZON-AES)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 6	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	184.31.88.106 184.31.88.106	16625 (AKAMAI-AS) (AKAMAI-AS)
10 19	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	52.210.44.111 52.210.44.111	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
4 4	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.190 185.29.135.190	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
2 2	18.195.240.234 18.195.240.234	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	52.21.23.66 52.21.23.66	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	139.162.78.222 139.162.78.222	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	34.204.22.100 34.204.22.100	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	3.66.135.160 3.66.135.160	16509 (AMAZON-02) (AMAZON-02)
254	57

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2606:4700::6812:1070 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

heraldodemexico.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.241.40 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-40.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.241.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-22.vie50.r.cloudfront.net

widget.spreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.11.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-11-148.vie50.r.cloudfront.net

d3wo5wojvuv7l.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-7.fra2.r.cloudfront.net

d3770qakewhkht.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.34 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.88 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (United States) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.157.221.90 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-221-90.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.35.65 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.130.13 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.226.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.195.234 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.88.106 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 184.30.21.112 (Frankfurt am Main, Germany) 10 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.44.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.49 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.190 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.240.234 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.23.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.78.222 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.22.100 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.135.160 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	taboola.com 2 redirects cdn.taboola.com trc.taboola.com 15.taboola.com trc-events.taboola.com vidstat.taboola.com imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com sync-t1.taboola.com sync.taboola.com match.taboola.com pips.taboola.com cds.taboola.com am-wf.taboola.com	515 KB
40	heraldodemexico.com.mx 1 redirects heraldodemexico.com.mx	1 MB
27	googlesyndication.com 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	122 KB
26	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	163 KB
24	stickyadstv.com 10 redirects ads.stickyadstv.com cdn.stickyadstv.com	400 KB
13	rubiconproject.com 3 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	33 KB
12	casalemedia.com 2 redirects dsum-sec.casalemedia.com ssum-sec.casalemedia.com ssum.casalemedia.com	15 KB
7	bidswitch.net 4 redirects x.bidswitch.net	2 KB
7	adsrvr.org 2 redirects match.adsrvr.org	2 KB
6	openx.net 4 redirects us-u.openx.net u.openx.net	1 KB
6	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	5 KB
5	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	2 KB
5	google.com adservice.google.com www.google.com	2 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com	3 KB
4	spreaker.com widget.spreaker.com	250 KB
4	googletagservices.com www.googletagservices.com	123 KB
3	contextweb.com 2 redirects bh.contextweb.com	1 KB
3	cloudfront.net d3wo5wojvuv7l.cloudfront.net d3770qakewhkht.cloudfront.net	102 KB
3	google-analytics.com www.google-analytics.com	39 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	ampproject.org cdn.ampproject.org	113 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	betweendigital.com 2 redirects ads.betweendigital.com	955 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	adform.net c1.adform.net	661 B
2	bidr.io match.prod.bidr.io	860 B
2	teads.tv 1 redirects sync.teads.tv	414 B
2	bttrack.com bttrack.com	760 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	998 B
2	yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	1 KB
2	2mdn.net s0.2mdn.net	130 KB
2	google.de adservice.google.de www.google.de	1 KB
2	perfectmarket.com widget.perfectmarket.com	33 KB
2	facebook.net connect.facebook.net	27 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	627 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	criteo.com 1 redirects dis.criteo.com	546 B
1	emxdgt.com e1.emxdgt.com	59 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	pubmatic.com simage2.pubmatic.com	545 B
1	postrelease.com jadserve.postrelease.com	427 B
1	mathtag.com 1 redirects sync.mathtag.com	638 B
1	turn.com 1 redirects ad.turn.com	425 B
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	381 B
1	twitter.com analytics.twitter.com	658 B
1	facebook.com www.facebook.com	297 B
1	t.co t.co	455 B
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	bit.ly 1 redirects bit.ly	435 B
0	demdex.net Failed dpm.demdex.net Failed
254	56

	Domain	Requested by
40	heraldodemexico.com.mx	1 redirects heraldodemexico.com.mx static.cloudflareinsights.com
19	ads.stickyadstv.com	10 redirects vidstat.taboola.com cdn.stickyadstv.com
14	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com heraldodemexico.com.mx 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com www.googletagservices.com
13	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com heraldodemexico.com.mx 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
10	cdn.taboola.com	heraldodemexico.com.mx cdn.taboola.com
9	sync.taboola.com	2 redirects am-match.taboola.com ssum-sec.casalemedia.com ssum.casalemedia.com
9	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com ssum.casalemedia.com
7	x.bidswitch.net	4 redirects am-match.taboola.com imprammp.taboola.com
7	match.adsrvr.org	2 redirects am-match.taboola.com imprammp.taboola.com ssum-sec.casalemedia.com ssum.casalemedia.com
6	eus.rubiconproject.com	am-match.taboola.com imprammp.taboola.com eus.rubiconproject.com
5	cdn.stickyadstv.com	vidstat.taboola.com cdn.stickyadstv.com
5	us-u.openx.net	4 redirects googleads.g.doubleclick.net
5	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
5	sync-t1.taboola.com	am-match.taboola.com imprammp.taboola.com
5	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	sync-tm.everesttech.net	4 redirects
4	sync.search.spotxchange.com	4 redirects
4	am-vid-events.taboola.com	vidstat.taboola.com
4	trc.taboola.com	cdn.taboola.com
4	googleads4.g.doubleclick.net	heraldodemexico.com.mx
4	www.google.com	heraldodemexico.com.mx tpc.googlesyndication.com 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
4	widget.spreaker.com	heraldodemexico.com.mx widget.spreaker.com
4	www.googletagservices.com	heraldodemexico.com.mx securepubads.g.doubleclick.net 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
3	token.rubiconproject.com	eus.rubiconproject.com
3	secure-assets.rubiconproject.com	3 redirects
3	bh.contextweb.com	2 redirects
3	trc-events.taboola.com
3	3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	heraldodemexico.com.mx www.google-analytics.com widget.spreaker.com
3	sb.scorecardresearch.com	1 redirects heraldodemexico.com.mx
3	cdn.ampproject.org	heraldodemexico.com.mx
2	pm.w55c.net	2 redirects
2	ce.lijit.com	1 redirects
2	ads.betweendigital.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	c1.adform.net	ssum.casalemedia.com
2	match.prod.bidr.io	ssum.casalemedia.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	bttrack.com	ssum-sec.casalemedia.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	imprammp.taboola.com ssum-sec.casalemedia.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	s0.2mdn.net	3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com heraldodemexico.com.mx
2	googleads.g.doubleclick.net	3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
2	d3wo5wojvuv7l.cloudfront.net	widget.spreaker.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	connect.facebook.net	heraldodemexico.com.mx connect.facebook.net
1	am-wf.taboola.com	vidstat.taboola.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	sync.srv.stackadapt.com	1 redirects
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com
1	rtb-csync.smartadserver.com
1	simage2.pubmatic.com
1	jadserve.postrelease.com
1	pixel.rubiconproject.com
1	u.openx.net
1	match.taboola.com
1	sync.mathtag.com	1 redirects
1	ups.analytics.yahoo.com	ssum.casalemedia.com
1	ad.turn.com	1 redirects
1	secure.adnxs.com	ssum.casalemedia.com
1	ssum.casalemedia.com	am-match.taboola.com
1	sync.adotmob.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	imprammp.taboola.com	vidstat.taboola.com
1	15.taboola.com	cdn.taboola.com
1	analytics.twitter.com	static.ads-twitter.com
1	d3770qakewhkht.cloudfront.net	widget.spreaker.com
1	www.google.de	heraldodemexico.com.mx
1	www.facebook.com	heraldodemexico.com.mx
1	t.co	heraldodemexico.com.mx
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	heraldodemexico.com.mx
1	static.ads-twitter.com	heraldodemexico.com.mx
1	static.cloudflareinsights.com	heraldodemexico.com.mx
1	bit.ly	1 redirects
0	dpm.demdex.net Failed
254	88

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
www.youtube.com
www.heraldodeportes.com.mx
www.gastrolabweb.com
web.whatsapp.com
telegram.me
popup.taboola.com
go.babbel.com
wtfacts.net
investmentguru.com
rfvtgb.journalistate.com
rfvtgb.novelodge.com
tradingblvd.com
www.grupoandrade.com
www.fundaciongrupoandrade.org.mx
www.editor80.com

Subject Issuer	Validity	Valid
heraldodemexico.com.mx Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.spreaker.com Amazon	`2021-04-20` - `2022-05-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-06-11` - `2021-09-09`	3 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Frame ID: E5ECCF4A0F5E86DC2ACA592E680C5BDC
Requests: 132 HTTP requests in this frame

Frame: https://widget.spreaker.com/player?show_id=4272343&theme=dark&playlist=show&playlist-continuous=false&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=left&hide-logo=false&hide-likes=false&hide-comments=false&hide-sharing=false&hide-download=true&color=f91c55
Frame ID: 58F654A38A1329BB543AE18FDBC8BF8F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: F7702153599904347133E4C78415A3DF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FDABB82EEC5CE87BB29C46D99A91EA3
Requests: 1 HTTP requests in this frame

Frame: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FDD908A83BAD753F84DE1533EAA5DA06
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv4XBDtjF0Yi_WeqAEwAQ&v=APEucNUUUR70LYp-6BIcls_iAT7HJsv9oq9SJto3aUD6Oc1zSBva0lBo0JqyuIS1mPz1UhCm2wA2pXLJvGkys92YtjMQnY61-WZ3mlDS1lIATSUXCHgtDqp7RrbSOGZbtrvIq0-4ZQYkROEB7cxHNnARVkhq3jdemzjWLZ5VO88J_v3ZxHTPC_0
Frame ID: 5B5E07399F068EA90F0CA6D9A7221937
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C390D96F738A52CFBC020F395F8A2CA0
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66385105&crid=5738575&dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&cmcv=&pix=undefined&cb=1623524463362&uv=2981&tms=1623524463362&abt=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=7BA18A6CE515981872965051585&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 6F76282D8A4B1D53FACA1F8CD82EC05F
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 639A17F256808B00BF53AD2FBB1F6210
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: DB2D2F9273716DC0781EE0BCFE8C854A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 1667656904179E6EEF8580D9F90B9DE6
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: 7ADECBAA25D6692E2E2E02DBCA6A5B4C
Requests: 10 HTTP requests in this frame

Frame: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2055B62ECC29AC18D26A1995EF455B9F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNWNKQ1MWtMv1sNeQEne1s1Ezn_cFG7By5RMasqy6IDiuJFtHdZIrq9ExQ4CzEJbkEam0vP3KRZOKG0kWFcIQHD4ife7QRCqxWWdQax61xSQoQ5wxLPebC60dr3sARc9K_qByFmdCz7cvNE_rsx9r918cMWl2YXbcNhhQN3pxi22ijoTdx8
Frame ID: 48B469DD5F9B29FCCADD9E5D98C9EB7C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E1BFA9AFBBEA57D22696125D1A8665BD
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 0C65F05019225185B814EA312F26B1D2
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 0B421AA3F2A6D8256B70A68016F294E4
Requests: 3 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=3c2c7f75-85a2-4da3-a7c4-3a76fdf744a9
Frame ID: 8831B831DA6A04A7C928B345536FDAD7
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: 6AA29A6FD437A8133AE9CAC91DADE331
Requests: 10 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 3991F4A34F55DE8CAE1F32815BE269DD
Requests: 4 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a3e5d9e1-9c37-408a-9986-d6f743e49531&tbid=13fec2da-d632-4b8e-bdcd-6f43267adf44-tuct7be89ef&query=taboola_hm%3Da3e5d9e1-9c37-408a-9986-d6f743e49531&isDirect=0
Frame ID: 2208B6CD5BB2DAB992361D2A7DA4D791
Requests: 20 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 69F28FA9966E7D804CDCB9B2AED85588
Requests: 5 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 4ED1AE48FC77E3B3D12A03327CF6F175
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bit.ly/2LTxUF4 HTTP 301
https://heraldodemexico.com.mx/tendencias/estudiante-video-viral-clases-virtuales-pide-permiso-ir-al-bano-m... HTTP 301
https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

254
Requests

97 %
HTTPS

31 %
IPv6

56
Domains

88
Subdomains

57
IPs

10
Countries

3344 kB
Transfer

8828 kB
Size

5
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/elheraldodemexico/

Search URL Search Domain Scan URL

URL: https://twitter.com/@heraldodemexico/

Search URL Search Domain Scan URL

URL: https://instagram.com/elheraldodemexico/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7E9Dj_lmrJdDrH2Bg7rNqQ

Search URL Search Domain Scan URL

URL: https://www.heraldodeportes.com.mx/
Title: Deportes

Search URL Search Domain Scan URL

URL: https://www.gastrolabweb.com/
Title: Gastrolab

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=Lee%20esta%20noticia%20https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Title:

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Title:

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=%EF%BB%BFVIDEO+VIRAL%3A+Estudiante+pide+ir+al+ba%C3%B1o+en+clase+virtual+y+maestro+tiene+EXPLOSIVA+reacci%C3%B3n%20-%20https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/@heraldodemexico
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/elheraldodemexico
Title: Instagram

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/es/?template=colorbox&utm_source=elheraldodemxico-elheraldo&utm_medium=referral&utm_content=thumbnails-b:Below%20Article%20Thumbnails:
Title: por Taboola

Search URL Search Domain Scan URL

URL: https://go.babbel.com/v1/tl?bsc=spamag-15min-short-esp-cd-global-xo-tb&btp=default&utm_source=Taboola&utm_medium=CON&utm_campaign=CD_SPAALL_gES_cXO_15minShort_TB_ESP_Global&utm_content=1235946_7744052_2950983804&tcid=GiANJlTkltYB9luV2ButuxZPwVPuRt6LsWqnbQSEPjP9CiDJ-EAoiLqMr-b-hJ9V&tblci=GiANJlTkltYB9luV2ButuxZPwVPuRt6LsWqnbQSEPjP9CiDJ-EAoiLqMr-b-hJ9V#tblciGiANJlTkltYB9luV2ButuxZPwVPuRt6LsWqnbQSEPjP9CiDJ-EAoiLqMr-b-hJ9V
Title: Babbel

Search URL Search Domain Scan URL

URL: https://wtfacts.net/trending/celebridades-que-fueron-impresionantes-pero-no-envejecieron-agraciadamente?utm_source=taboola&utm_medium=elheraldodemxico-elheraldo&utm_campaign=5219366&utm_term=%C2%BFTe+acuerdas+de+ella%3F+Respira+hondo+antes+de+ver+c%C3%B3mo+se+ve+ahora&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F9eec8b4eb8957724bd16b1c32645fe75.jpg&ts=2021-06-12+19%3A01%3A02&tbv=PYUlsJTU4LA04hCAnaCN4yrHG2-ECUa-kv6qpSo1jIY=&pcl=1&br=1
Title: WTFacts

Search URL Search Domain Scan URL

URL: https://investmentguru.com/trending/casas-de-famosos-que-te-dejaran-sin-palabras/?utm_source=taboola&utm_medium=elheraldodemxico-elheraldo&utm_campaign=4423819&utm_term=Es+desgarrador+donde+vive+Eddie+Murphy+a+los+58+anos&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F964df590f366bc30fff9e40ccfaf088f.jpg&ts=2021-06-12+19%3A01%3A02&tbv=YI25kbEgjzrSV9SrVlMyyIXqSkEhFrNbUmMnfK3Wnk0=&pcl=1&br=1
Title: InvestmentGuru

Search URL Search Domain Scan URL

URL: https://rfvtgb.journalistate.com/worldwide/dreads-ta-sp%20%20%20http:/www.worldemand.com/worldwide/dreads-ta-sp?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-js-dreads-s-des-2w-gg-22051d&utm_term=elheraldodemxico-elheraldo&utm_bid=pJV1KJ_Ts9Wyl5MxENExE0JR2Hrwm7DMSkDaj5vULuM=
Title: Journalistate

Search URL Search Domain Scan URL

URL: https://rfvtgb.novelodge.com/worldwide/massag-ta-sp%20%20http:/www.restwow.com/worldwide/massag-ta-sp?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-nl-massag-s-des-2w-ag-28051d&utm_term=elheraldodemxico-elheraldo&utm_bid=pJV1KJ_Ts9Wyl5MxENExE0JR2Hrwm7DMSkDaj5vULuM=
Title: Novelodge

Search URL Search Domain Scan URL

URL: https://tradingblvd.com/trending/las-casas-super-lujosas-de-las-celebridades-el-precio-de-la-casa-de-ariana-grande-esta-de-infarto/?utm_source=taboola&utm_medium=elheraldodemxico-elheraldo&utm_campaign=4256215&utm_term=Es+desgarrador+donde+vive+Antonio+Banderas+a+los+60+a%C3%B1os&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa19b45ffbf83cc8e7048f63272b1b731.jpg&ts=2021-06-12+19%3A01%3A02&tbv=2xlPN_z_SPOpfnMOUQGlL4XqSkEhFrNbUmMnfK3Wnk0=&pcl=1&br=1
Title: Trading Blvd

Search URL Search Domain Scan URL

URL: https://www.grupoandrade.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.fundaciongrupoandrade.org.mx/
Title:

Search URL Search Domain Scan URL

URL: https://www.editor80.com/
Title:

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en
Title: Ad

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/2LTxUF4 HTTP 301
https://heraldodemexico.com.mx/tendencias/estudiante-video-viral-clases-virtuales-pide-permiso-ir-al-bano-maestro-tiktok/ HTTP 301
https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://sb.scorecardresearch.com/b?c1=2&c2=25225644&ns__t=1623524461291&ns_c=windows-1252&cv=3.5&c8=VIDEO%20VIRAL%3A%20Estudiante%20pide%20ir%20al%20ba%C3%B1o%20en%20clase%20virtual%20y%20maestro%20tiene%20EXPLOSIVA%20reacci%C3%B3n%20-%20El%20Heraldo%20de%20M%C3%A9xico&c7=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=25225644&ns__t=1623524461291&ns_c=windows-1252&cv=3.5&c8=VIDEO%20VIRAL%3A%20Estudiante%20pide%20ir%20al%20ba%C3%B1o%20en%20clase%20virtual%20y%20maestro%20tiene%20EXPLOSIVA%20reacci%C3%B3n%20-%20El%20Heraldo%20de%20M%C3%A9xico&c7=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&c9=

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-nnoe4IrqwnOHTXlwrF4&google_cver=1

Request Chain 108

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMUEbqePmK7P7it.MhAibgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-nnoe4IrqwnOHTXlwrF4&google_cver=1&google_hm=2

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBZxDryi9bfTqQ1ZODTfgr8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBZxDryi9bfTqQ1ZODTfgr8%26google_cver%3D1

Request Chain 110

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc0Mjg1MDI3MjE2NjA3MTM2MA%3D%3D

Request Chain 130

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=88d25246-cbb0-11eb-ab22-162d46060306 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=88d2520a-cbb0-11eb-ab22-162d46060306&orig=video&us_privacy=1---

Request Chain 132

https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%25%25VGUID%25%25%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=yCPuyoJiVfBD&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1

Request Chain 134

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=88d3647e-cbb0-11eb-878e-1f057aaa0506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=88d3644a-cbb0-11eb-878e-1f057aaa0506&orig=video&us_privacy=1---

Request Chain 136

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 137

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 139

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMUEbqePmK7P7it-MhAibgAABG8AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMUEbqePmK7P7it-MhAibgAABG8AAAIB&dcc=t

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMUEbqePmK7P7it-MhAibgAABG8AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDroMXiabd9_nb9zEOfJPH4&google_cver=1

Request Chain 143

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMUEbqePmK7P7it.MhAibgAA%261135?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMUEbqePmK7P7it.MhAibgAA%261135?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 144

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=fdf43f9d-f35e-47ab-8d42-a3824309b306&expiration=1655060464

Request Chain 146

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=065722040076c6f0c141726e&expiration=[EXPIRATION]&gdpr=1

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOvO4WYqNplQv2ey7cBCL0o&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOvO4WYqNplQv2ey7cBCL0o&google_cver=1

Request Chain 172

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc3OTRmOWMtYTZkNC0yMjUwLWMwOGEtNjE0OTk2NjgyZTdk

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESECkKTsG2t9dz6bIwPC5jvmc&google_cver=1

Request Chain 174

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzJhNTdlMmU2ZWE1NGM4ZTg0M2JkYjY1YWZlNzYxYzY2YWIwMmI3ZQ==

Request Chain 193

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 194

https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=3c2c7f75-85a2-4da3-a7c4-3a76fdf744a9

Request Chain 201

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3234918226662926002

Request Chain 202

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YMUEcAABqv6mJwAC HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMUEcAABqv6mJwAC&gdpr=1&_test=YMUEcAABqv6mJwAC

Request Chain 205

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a5960c5-0470-4200-9c17-d383fa14dda3&gdpr=1&gdpr_consent=

Request Chain 210

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=91339865ba661e29a57ed1497dc912de&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l058d_6972984477136705496 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFpxS7YTDFyBbvSvVPbdQ4Y&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=537d416b-ac0b-45d9-8a13-4bc076fa76d5 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/91339865ba661e29a57ed1497dc912de&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-9rYm1rZE2oMgXSyIRc1VNbqNuY9qZQjYKop7zPi1~A HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=91339865ba661e29a57ed1497dc912de&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&717=y-9rYm1rZE2oMgXSyIRc1VNbqNuY9qZQjYKop7zPi1%7EA&892=537d416b-ac0b-45d9-8a13-4bc076fa76d5 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1bf6_6972984481431067511 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEN12-yJTralarThKkSmIfyY&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2909113094865538082&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=8e0560c5-0471-4b00-b95c-281de024359a&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=

Request Chain 213

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=

Request Chain 214

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 215

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a3e5d9e1-9c37-408a-9986-d6f743e49531 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a3e5d9e1-9c37-408a-9986-d6f743e49531&tbid=13fec2da-d632-4b8e-bdcd-6f43267adf44-tuct7be89ef&query=taboola_hm%3Da3e5d9e1-9c37-408a-9986-d6f743e49531&isDirect=0

Request Chain 218

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f2c8b428-7b71-52a3-978c-a6bdf749a2ce

Request Chain 220

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=llNmzxE4HNHL&ev=1&orig=trc&pid=562107

Request Chain 221

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1372691902139430745&orig=trc

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK7HaETX_DAvwGHz0y6ahNE&google_cver=1

Request Chain 224

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=13fec2da-d632-4b8e-bdcd-6f43267adf44-tuct7be89ef

Request Chain 225

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=537d416b-ac0b-45d9-8a13-4bc076fa76d5

Request Chain 226

https://ce.lijit.com/merge?pid=42&3pid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 230

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=13c57ad1-5305-4716-8b0a-4a837981b78e

Request Chain 231

https://id5-sync.com/s/464/9.gif?puid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOMOxaJr9Ci7d6Gg7JWBdemu16U4zt_ViYPEUmxQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOMOxaJr9Ci7d6Gg7JWBdemu16U4zt_ViYPEUmxQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=fd9b0bcc-2210-4792-af3f-0b5c0a8689a7&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/5/3.gif?puid=dfdbca0ff1f6e82756acbd80d4c27cb7&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/4/4.gif?puid=f1fee9ee-b761-4c06-8eda-b5c10b85de9d&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/3/5.gif?puid=c6b69c93-e0d6-414e-a0bb-4ea008c71c00&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/146/2/6.gif?puid=f57aab1d-657d-4a6d-8ce8-5594d5835406&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/1/7.gif?puid=e_9b0b94a2-df0e-471f-9f71-8deb2d1d3c1d&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=dfdbca0ff1f6e82756acbd80d4c27cb7&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 232

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YZXPjnp0BESmnnqzcQTFYA

Request Chain 234

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=dr-5zyhKQ8tyijxt21EzZlm7vcQ&user_group=1&ssp=taboola&gdpr=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=dr-5zyhKQ8tyijxt21EzZlm7vcQ&user_group=1&ssp=taboola&gdpr=0 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=cc35da46-63e5-435f-ac1a-ba09f9ff9ac5

Request Chain 243

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=null HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=null&_test=YMUEdAABf9aQQABg HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YMUEdAABf9aQQABg&gdpr=1&gdpr_consent=null&_test=YMUEdAABf9aQQABg HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=1&gdpr_consent=null HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=1yMSiyef1LS8Sx5&gdpr=1&gdpr_consent=null HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null

Request Chain 247

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 248

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=

Request Chain 254

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null

Request Chain 258

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=

Request Chain 260

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=

254 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html Show response
heraldodemexico.com.mx/tendencias/2020/5/23/
Redirect Chain

http://bit.ly/2LTxUF4
https://heraldodemexico.com.mx/tendencias/estudiante-video-viral-clases-virtuales-pide-permiso-ir-al-bano-maestro-tiktok/
https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

53 KB
10 KB

36ms
36ms

Document
text/html

2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8f2e8dae89f6e686e4114bfc94078e3c81598ff5c7a1bb926ebfa6347b01e344

Request headers

:method: GET
:authority: heraldodemexico.com.mx
:scheme: https
:path: /tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-type: text/html
cache-control: public,max-age=0
expires: Sat, 12 Jun 2021 18:59:45 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 75
cf-request-id: 0aa332611b00004e92b23b5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65e5534828644e92-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-type: text/html
cache-control: private
location: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 75
cf-request-id: 0aa33260f400004e92f8a9f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 65e55347efa64e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d770a1cd74ad229ceae9f95809889683a4a305b1cfdcabae9d62bad26c00fb96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "901 / 31 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21287
x-xss-protection: 0
expires: Sat, 12 Jun 2021 19:01:00 GMT

GET
H3-29 200 dashicons.min.css
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/ 46 KB
28 KB 42ms
41ms Stylesheet
text/css 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/dashicons.min.css
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/css/dashicons.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 707501
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa332614a00002ba127ba2000000001
last-modified: Mon, 24 Aug 2020 13:29:50 GMT
server: cloudflare
etag: W/"09b67a41a7ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,stale-if-error=86400,max-age=31536000
cf-ray: 65e553486db82ba1-FRA

GET
H3-29 200 thickbox.css
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/ 2 KB
1 KB 50ms
49ms Stylesheet
text/css 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/thickbox.css
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 821d600d10a9c7f0c2ebbff18cb185dea89aac796c46308d15bec4c0054c5344

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/css/thickbox.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 707501
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa332614700002ba13a090000000001
last-modified: Mon, 24 Aug 2020 13:30:36 GMT
server: cloudflare
etag: W/"23b84fc01a7ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,stale-if-error=86400,max-age=31536000
cf-ray: 65e553486dce2ba1-FRA
cf-bgj: minify

GET
H3-29 200 style.css
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/ 29 KB
5 KB 51ms
49ms Stylesheet
text/css 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/style.css?id=cA_2297
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a50ef97e7de0b0be1941bfae07e50af9da5ba6305d41879bac7527f5e834eb42

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/css/style.css?id=cA_2297
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 707501
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa332614800002ba146af2000000001
last-modified: Mon, 24 Aug 2020 13:41:06 GMT
server: cloudflare
etag: W/"3b78ec371c7ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,stale-if-error=86400,max-age=31536000
cf-ray: 65e553486dd12ba1-FRA
cf-bgj: minify

GET
H3-29 200 radio-panel.css
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/ 19 KB
4 KB 56ms
54ms Stylesheet
text/css 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/radio-panel.css?id=cA_2297
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9e2f12c9bae5195cf6d221ab7f83451fbe89629de67360b8fd79cf3908a7c6e7

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/css/radio-panel.css?id=cA_2297
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 707501
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa332614800002ba11f17d000000001
last-modified: Thu, 22 Apr 2021 12:25:18 GMT
server: cloudflare
etag: W/"aafd998e7237d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origSize=19649
cf-ray: 65e553486dd62ba1-FRA
cf-bgj: minify

GET
H3-29 200 main.css
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/ 521 KB
69 KB 58ms
57ms Stylesheet
text/css 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ad7c85dd21f630ff1704356f335f9d4e2853dc850fb178866c2e6fd5c035db63

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 707501
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa332614b00002ba1ef1ab000000001
last-modified: Fri, 07 May 2021 12:40:50 GMT
server: cloudflare
etag: W/"5c3ba363e43d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origSize=647122
cf-ray: 65e553486ddb2ba1-FRA
cf-bgj: minify

GET
H3-29 200 interna-d.css
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/ 35 KB
7 KB 65ms
63ms Stylesheet
text/css 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/interna-d.css?id=cA_2297
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8195d11a4cce56009863c5f63a51faa07cd1357ab67f54b433b4a18cf3ec9f41

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/css/interna-d.css?id=cA_2297
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 707384
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa332614900002ba151b17000000001
last-modified: Fri, 16 Apr 2021 15:31:28 GMT
server: cloudflare
etag: W/"6efab391d532d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origSize=63238
cf-ray: 65e553486dde2ba1-FRA
cf-bgj: minify

GET
H3-29 200 jquery-1.12.3.min.js Show response
heraldodemexico.com.mx/a/javascript/ 95 KB
33 KB 51ms
50ms Script
application/javascript 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/javascript/jquery-1.12.3.min.js
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174

Request headers

:path: /a/javascript/jquery-1.12.3.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Sep 2018 13:13:02 GMT
server: cloudflare
age: 707351
x-powered-by: ASP.NET
etag: W/"0c3e27f634bd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,stale-if-error=86400,max-age=31536000
cf-ray: 65e553486de02ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa332614900002ba12c1ec000000001

GET
H3-29 200 bootstrap.min.js Show response
heraldodemexico.com.mx/a/plantillas/js/ 36 KB
10 KB 68ms
67ms Script
application/javascript 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/js/bootstrap.min.js
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 08393c4eebfb2a747316fda17263d38ed9e6a108606463e2e39aef720b2f8df5

Request headers

:path: /a/plantillas/js/bootstrap.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2017 11:56:00 GMT
server: cloudflare
age: 707351
x-powered-by: ASP.NET
etag: W/"0484e70cca3d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,stale-if-error=86400,max-age=31536000
cf-ray: 65e553486de12ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa332614900002ba1612a4000000001

GET
H3-29 200 varios.js Show response
heraldodemexico.com.mx/a/plantillas/js/ 6 KB
2 KB 65ms
64ms Script
application/javascript 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/js/varios.js?id=cA_2297
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4109b5b7b210450b13ef1d81c9631141d9218acd6feb36ef30b72e756a015d7d

Request headers

:path: /a/plantillas/js/varios.js?id=cA_2297
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 707501
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa332614900002ba12dbb7000000001
last-modified: Sat, 04 Jan 2020 13:12:18 GMT
server: cloudflare
etag: W/"0651d970c3d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origSize=10263
cf-ray: 65e553486de32ba1-FRA
cf-bgj: minify

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 270 KB
71 KB 37ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f0545f7b9717531f068247aa5c0e285ff1656a1ce8348dd500b07cf7d3a6e3c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71696
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 19:01:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "8c600087508f4a1b"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 19:01:00 GMT

GET
H2 200 amp-ima-video-0.1.js Show response
cdn.ampproject.org/v0/ 40 KB
13 KB 39ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ima-video-0.1.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3a6043f73487407ae9a986af45faa12e9e8dfa7777f6aa22ffb30ce3672f60

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13124
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 19:01:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "e46ee767b7e83af5"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 19:01:00 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 95 KB
29 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65d49bff9fd43dd116d294a5d41cd54ab8582393d41c2d78b66dfa8679d4a49f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29516
x-xss-protection: 0
server: sffe
date: Sat, 12 Jun 2021 19:01:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "e53e9a08610d6c10"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 19:01:00 GMT

GET
H3-29 200 elheraldo-logo.svg
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/ 5 KB
2 KB 26ms
23ms Image
image/svg+xml 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/elheraldo-logo.svg
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 60824efde63ee5084849f31610b93e0f4251029ddbd0b952368153c9a6be10ce

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/imgs/elheraldo-logo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Aug 2020 13:33:57 GMT
server: cloudflare
age: 707541
x-powered-by: ASP.NET
etag: W/"67fa9e62e47ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,stale-if-error=86400,max-age=31536000
cf-ray: 65e553491f812ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa33261af00002ba12c1f5000000001

GET
H3-29 200 logo-ruta-2021.svg
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/ 446 KB
334 KB 36ms
32ms Image
image/svg+xml 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/logo-ruta-2021.svg
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 23f6e5bb6234f714d620d4f287f1784e71d56f23c0eb093cbe2d4b2ce79af040

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/imgs/logo-ruta-2021.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:34:54 GMT
server: cloudflare
age: 707346
x-powered-by: ASP.NET
etag: W/"fd21ae8301fd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,stale-if-error=86400,max-age=31536000
cf-ray: 65e553491f822ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa33261b000002ba14029c000000001

GET
H3-29 200 f925x521-219327_288191_5050.jpg
heraldodemexico.com.mx/u/fotografias/m/2020/5/23/ 29 KB
30 KB 30ms
27ms Image
image/jpeg 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/u/fotografias/m/2020/5/23/f925x521-219327_288191_5050.jpg
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 46ffba698c4628c7bc6187b13e965d72a479dcbca58942ebe4d54d237665bc00

Request headers

:path: /u/fotografias/m/2020/5/23/f925x521-219327_288191_5050.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
cf-cache-status: HIT
age: 74
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29941
cf-request-id: 0aa33261b000002ba143984000000001
last-modified: Mon, 22 Feb 2021 08:09:30 GMT
server: cloudflare
etag: "57caebbf28d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origSize=32102, status=webp_bigger
accept-ranges: bytes
cf-ray: 65e553491f842ba1-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 autor-1.png
heraldodemexico.com.mx/u/aps/noticias/fotografias/ 6 KB
7 KB 55ms
51ms Image
image/webp 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/u/aps/noticias/fotografias/autor-1.png
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9b5b44d2c5cacedcd63b702440309d784a282684df65e2cc8ac3deaa12997ad2

Request headers

:path: /u/aps/noticias/fotografias/autor-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 707500
x-powered-by: ASP.NET
content-disposition: inline; filename="autor-1.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6538
cf-request-id: 0aa33261b300002ba12204f000000001
last-modified: Mon, 08 Feb 2021 22:48:34 GMT
server: cloudflare
etag: "70fac886cfed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origFmt=png, origSize=14419
accept-ranges: bytes
cf-ray: 65e553491f862ba1-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 autor-243.png
heraldodemexico.com.mx/u/aps/noticias/fotografias/ 70 KB
70 KB 56ms
52ms Image
image/webp 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/u/aps/noticias/fotografias/autor-243.png
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 84b2acf4096d53ff8e7ad22a0753705c8a020e18b081da19448f43c1289f4576

Request headers

:path: /u/aps/noticias/fotografias/autor-243.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 48561
x-powered-by: ASP.NET
content-disposition: inline; filename="autor-243.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 71262
cf-request-id: 0aa33261b100002ba1349bb000000001
last-modified: Tue, 04 Jun 2019 18:42:12 GMT
server: cloudflare
etag: "09adb3851bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origFmt=png, origSize=168666
accept-ranges: bytes
cf-ray: 65e553491f882ba1-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 autor-216.png
heraldodemexico.com.mx/u/aps/noticias/fotografias/ 80 KB
80 KB 58ms
54ms Image
image/webp 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/u/aps/noticias/fotografias/autor-216.png
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4e08f856a57d0556c188ddc190c2b560e794f5f1634f4d86897c69391a93f1c3

Request headers

:path: /u/aps/noticias/fotografias/autor-216.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
cf-cache-status: HIT
age: 48561
x-powered-by: ASP.NET
content-disposition: inline; filename="autor-216.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 81418
cf-request-id: 0aa33261b100002ba1ef1b7000000001
last-modified: Sun, 27 Sep 2020 00:36:46 GMT
server: cloudflare
etag: "70838c476694d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origFmt=png, origSize=119814
accept-ranges: bytes
cf-ray: 65e553491f8a2ba1-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 autor-202.png
heraldodemexico.com.mx/u/aps/noticias/fotografias/ 23 KB
23 KB 61ms
57ms Image
image/webp 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/u/aps/noticias/fotografias/autor-202.png
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5940f457c69c0c8e5f6853a40cd5bf114d36893d3738a67380e4c9a0963eb29

Request headers

:path: /u/aps/noticias/fotografias/autor-202.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 221141
x-powered-by: ASP.NET
content-disposition: inline; filename="autor-202.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23068
cf-request-id: 0aa33261b100002ba157b62000000001
last-modified: Thu, 25 Jun 2020 18:52:33 GMT
server: cloudflare
etag: "80eeddc8214bd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origFmt=png, origSize=40279
accept-ranges: bytes
cf-ray: 65e553491f8c2ba1-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 autor-54.png
heraldodemexico.com.mx/u/aps/noticias/fotografias/ 6 KB
7 KB 79ms
75ms Image
image/webp 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/u/aps/noticias/fotografias/autor-54.png
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9b5b44d2c5cacedcd63b702440309d784a282684df65e2cc8ac3deaa12997ad2

Request headers

:path: /u/aps/noticias/fotografias/autor-54.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 245490
x-powered-by: ASP.NET
content-disposition: inline; filename="autor-54.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6538
cf-request-id: 0aa33261b200002ba12dbbf000000001
last-modified: Mon, 08 Feb 2021 22:49:10 GMT
server: cloudflare
etag: "37bf9b9d6cfed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origFmt=png, origSize=14419
accept-ranges: bytes
cf-ray: 65e553491f902ba1-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 elheraldo-logo-small-2.png
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/ 1 KB
2 KB 62ms
58ms Image
image/webp 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/elheraldo-logo-small-2.png
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3ebf9c00bdd0390cf09ff34c920093f411b31740f10ebe51bb2c79d62827c355

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/imgs/elheraldo-logo-small-2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 253762
x-powered-by: ASP.NET
content-disposition: inline; filename="elheraldo-logo-small-2.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1444
cf-request-id: 0aa33261b200002ba1050e7000000001
last-modified: Thu, 05 Nov 2020 13:27:28 GMT
server: cloudflare
etag: "09b496877b3d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origFmt=png, origSize=3803
accept-ranges: bytes
cf-ray: 65e553491f922ba1-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 main-logo-hdeportes.svg
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/ 5 KB
2 KB 62ms
58ms Image
image/svg+xml 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/main-logo-hdeportes.svg
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 01a66a8038ee8c252b4b0bde9a56614c6bd28ca5eb4006e401338b3bad45a86d

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/imgs/main-logo-hdeportes.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Sep 2020 12:35:52 GMT
server: cloudflare
age: 707501
x-powered-by: ASP.NET
etag: W/"7d967c3ee81d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,stale-if-error=86400,max-age=31536000
cf-ray: 65e553491f952ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa33261b200002ba13ebcd000000001

GET
H3-29 200 main-logo-gastrolab.svg
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/ 14 KB
6 KB 62ms
59ms Image
image/svg+xml 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/main-logo-gastrolab.svg
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 422d15bf6670ecb97e6014f1a173b89cbb7caf2c1caa92254ccd606b1b07c908

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/imgs/main-logo-gastrolab.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 12:46:57 GMT
server: cloudflare
age: 707501
x-powered-by: ASP.NET
etag: W/"f6fde976d24d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,stale-if-error=86400,max-age=31536000
cf-ray: 65e553491f982ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa33261b600002ba1090b0000000001

GET
H3-29 200 logo-grupo-andrade-blanco.png
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/ 4 KB
4 KB 63ms
59ms Image
image/webp 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/logo-grupo-andrade-blanco.png
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3471bc0e5cd37182042a3c24d6cb8e6bec462c200971b55fbcf9d106fd24b910

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/imgs/logo-grupo-andrade-blanco.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 249198
x-powered-by: ASP.NET
content-disposition: inline; filename="logo-grupo-andrade-blanco.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4106
cf-request-id: 0aa33261b300002ba16b373000000001
last-modified: Mon, 05 Oct 2020 13:18:17 GMT
server: cloudflare
etag: "983e8fd199bd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origFmt=png, origSize=9572
accept-ranges: bytes
cf-ray: 65e553491f9a2ba1-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 logo-fundacion-grupo-andrade.png
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/ 13 KB
14 KB 32ms
29ms Image
image/webp 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/logo-fundacion-grupo-andrade.png
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6b06e7c5f82ac2fab22b7f2d067b681032b4653a05cfe9f27e7356cd141a35b9

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/imgs/logo-fundacion-grupo-andrade.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:00 GMT
cf-cache-status: HIT
age: 253761
x-powered-by: ASP.NET
content-disposition: inline; filename="logo-fundacion-grupo-andrade.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13492
cf-request-id: 0aa33261b300002ba114a5b000000001
last-modified: Fri, 02 Oct 2020 12:53:35 GMT
server: cloudflare
etag: "af17cabb98d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origFmt=png, origSize=29005
accept-ranges: bytes
cf-ray: 65e553491f9d2ba1-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 comscore-logo-blanco-small.png
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/ 4 KB
4 KB 63ms
59ms Image
image/webp 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/imgs/comscore-logo-blanco-small.png
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 552d4f1dd02262c4b610d5f1b21430b5d5a42411d1075437b5548fb95194d9b7

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/imgs/comscore-logo-blanco-small.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 244013
x-powered-by: ASP.NET
content-disposition: inline; filename="comscore-logo-blanco-small.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4130
cf-request-id: 0aa33261b300002ba12f8fb000000001
last-modified: Wed, 20 May 2020 17:31:44 GMT
server: cloudflare
etag: "def22e88cc2ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origFmt=png, origSize=8597
accept-ranges: bytes
cf-ray: 65e553491f9f2ba1-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 e80-blanco.svg
heraldodemexico.com.mx/a/plantillas/imgs/ 6 KB
3 KB 63ms
60ms Image
image/svg+xml 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldodemexico.com.mx/a/plantillas/imgs/e80-blanco.svg
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: eafef16112918161ad4f4cd2ea8f0a3103c6d5453619ec94140644f95e24da17

Request headers

:path: /a/plantillas/imgs/e80-blanco.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2017 12:07:22 GMT
server: cloudflare
age: 707501
x-powered-by: ASP.NET
etag: W/"039cf6cea3d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,stale-if-error=86400,max-age=31536000
cf-ray: 65e553491fa12ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa33261b300002ba154a81000000001

GET
H3-29 200 main.js Show response
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/js/ 224 KB
57 KB 64ms
60ms Script
application/javascript 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/js/main.js
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3b79d04870feaae80844b5323755c0ab0193a27d573db524d7b145b54829d992

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/js/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 707345
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa33261b400002ba16595f000000001
last-modified: Mon, 12 Apr 2021 16:27:43 GMT
server: cloudflare
etag: W/"ab36dfc3b82fd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,stale-if-error=86400,max-age=31536000
cf-polished: origSize=352085
cf-ray: 65e553491fa32ba1-FRA
cf-bgj: minify

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 34ms
13ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 65e5534938c305fd-FRA
cf-request-id: 0aa33261c2000005fd861ff000000001

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 74ms
22ms Script
application/javascript 99.86.241.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-40.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 18:36:45 GMT
via: 1.1 e6726d8c260dc6d0bdf74050840f4b1b.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1456
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: WG6RQfroHJmBYzCucKgT1a5IgkgtGOviOe2nf4iXy9hg4Mh7Rhd1sw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
25 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-fb-rlafr: 0
pragma: public
x-fb-debug: HSwrlCjZm8lcY6XB1cSab6Pg7cykkKYSa/HM9zGe8XH4qULgCXe0fwckVi2RiAP6H940MGcT2gQA9zircR9BBQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 12 Jun 2021 19:01:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 98ms
27ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 29340
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1623524461.060068,VS0,VE0
x-served-by: cache-hhn11555-HHN

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/elheraldodemxico-elheraldo/ 200 KB
26 KB 109ms
35ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/elheraldodemxico-elheraldo/loader.js
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e40b19e3f077e10070b05a38efdebd07333f11165495317c10be3ee667207fb6

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: dEU6bg75GfB19BPlYzr81wV2_o7MPMqw
content-encoding: gzip
etag: "4eb5a81bdb4b861751d9dbbeef335a7d"
age: 75
x-cache: HIT
content-length: 25852
x-amz-id-2: rtnPQ5ZVLX4RVWl1IzWNlGipiMQBXZ3L6ZqBudgbKmrG7Lk7E9nxQz7UZ+vFTA2xoaeY6SJzeWE=
x-served-by: cache-hhn11573-HHN
last-modified: Thu, 10 Jun 2021 09:27:17 GMT
server: AmazonS3
x-timer: S1623524461.065106,VS0,VE1
date: Sat, 12 Jun 2021 19:01:01 GMT
vary: Accept-Encoding
x-amz-request-id: 41H8VHMMK9FATR9N
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 33
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 38ms
4ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 144
date: Sat, 12 Jun 2021 18:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 12 Jun 2021 20:58:37 GMT

GET
H2 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
112 KB 88ms
31ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Sat, 12 Jun 2021 19:01:01 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 156 B
767 B 90ms
32ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=heraldodemexico.com.mx

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a0f9785e2fee540cc4a9e0e8389517a2add747e765f94de4a091fe70071b5277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 19:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0
expires: Sat, 12 Jun 2021 19:01:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 34ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/radio-panel.css?id=cA_2297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 12 Jun 2021 17:19:44 GMT
server: ESF
date: Sat, 12 Jun 2021 19:01:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Jun 2021 19:01:00 GMT

GET
H3-29 200 lecturas.asp Show response
heraldodemexico.com.mx/include/includes/varios/ 0
370 B 299ms
295ms XHR
text/html 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/include/includes/varios/lecturas.asp?docid=178508&desde=w&r=&u=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&a=0&s=8&ur=&t=0&fn=2020/5/23%2011:45:00
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/javascript/jquery-1.12.3.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /include/includes/varios/lecturas.asp?docid=178508&desde=w&r=&u=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&a=0&s=8&ur=&t=0&fn=2020/5/23%2011:45:00
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: heraldodemexico.com.mx
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:method: GET
Accept: */*
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; Charset=UTF-8
cache-control: private,Private
cf-ray: 65e553491f7e2ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa33261af00002ba111210000000001
expires: Sun, 12 Jun 2011 03:00:00 GMT

GET
H3-29 200 Relay-Bold.woff2
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/ 12 KB
12 KB 57ms
56ms Font
application/font-woff2 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/Relay-Bold.woff2
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: beaea909868e4cf222b7ecc4debce224470f90a3c6a233a4f197ef4a759eff21

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/fonts/Relay-Bold.woff2
pragma: no-cache
origin: https://heraldodemexico.com.mx
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://heraldodemexico.com.mx
Referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 707351
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12288
cf-request-id: 0aa33261b900002ba143985000000001
last-modified: Mon, 24 Aug 2020 15:07:43 GMT
server: cloudflare
etag: "47b56051287ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public,stale-if-error=86400,max-age=31536000
accept-ranges: bytes
cf-ray: 65e553492fb62ba1-FRA

GET
H3-29 200 fontawesome-webfont.woff2
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/ 75 KB
76 KB 58ms
57ms Font
application/font-woff2 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://heraldodemexico.com.mx
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://heraldodemexico.com.mx
Referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 707350
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
cf-request-id: 0aa33261b900002ba13a09a000000001
last-modified: Mon, 24 Aug 2020 14:55:11 GMT
server: cloudflare
etag: "f6caf91267ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public,stale-if-error=86400,max-age=31536000
accept-ranges: bytes
cf-ray: 65e553492fb92ba1-FRA

GET
H3-29 404 PrumoText-Medium.woff2
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/ 0
0 60ms
59ms Font
text/html 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoText-Medium.woff2
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoText-Medium.woff2
pragma: no-cache
origin: https://heraldodemexico.com.mx
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://heraldodemexico.com.mx
Referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 230
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 65e553492fbb2ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa33261bb00002ba137b62000000001

GET
H3-29 200 PrumoText-SemiBold.woff2
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/ 27 KB
27 KB 60ms
60ms Font
application/font-woff2 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoText-SemiBold.woff2
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9cb292f950ae178884beaef6e05b61f2f0a35e6190cac84bf57719c726a542ca

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoText-SemiBold.woff2
pragma: no-cache
origin: https://heraldodemexico.com.mx
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://heraldodemexico.com.mx
Referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 707350
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27392
cf-request-id: 0aa33261ba00002ba163bf5000000001
last-modified: Wed, 20 May 2020 13:30:31 GMT
server: cloudflare
etag: "8171acd5aa2ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public,stale-if-error=86400,max-age=31536000
accept-ranges: bytes
cf-ray: 65e553492fbf2ba1-FRA

GET
H2 200 player Show response
widget.spreaker.com/ Frame 58F6 91 KB
16 KB 148ms
94ms Document
text/html 99.86.241.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.spreaker.com/player?show_id=4272343&theme=dark&playlist=show&playlist-continuous=false&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=left&hide-logo=false&hide-likes=false&hide-comments=false&hide-sharing=false&hide-download=true&color=f91c55

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.241.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-241-22.vie50.r.cloudfront.net

Software

Spreaker Proxy Cache /

Resource Hash

b753fe182cd4700233119346fa459ba449f96bb309cc6c9d999d95143d288a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: widget.spreaker.com
:scheme: https
:path: /player?show_id=4272343&theme=dark&playlist=show&playlist-continuous=false&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=left&hide-logo=false&hide-likes=false&hide-comments=false&hide-sharing=false&hide-download=true&color=f91c55
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://heraldodemexico.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://heraldodemexico.com.mx/

Response headers

content-type: text/html; charset=utf-8
date: Sat, 12 Jun 2021 19:01:01 GMT
server: Spreaker Proxy Cache
cache-control: max-age=10, stale-while-revalidate=3, no-transform
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
x-spreaker-from-cache: true
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: jdI5NkwaKHfubaJNsRffHwYBNgzfBygUBAhuukmBuwNqVHqoo15-dQ==
age: 0

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 PrumoDeck-Bold.woff2
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/ 27 KB
27 KB 26ms
26ms Font
application/font-woff2 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoDeck-Bold.woff2
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 96a051b7fb891fc93eea29208c725a4dd4fa009cea86bb307f12c2948760ae92

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoDeck-Bold.woff2
pragma: no-cache
origin: https://heraldodemexico.com.mx
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://heraldodemexico.com.mx
Referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 707350
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27704
cf-request-id: 0aa332620e00002ba154a8e000000001
last-modified: Mon, 24 Aug 2020 15:08:47 GMT
server: cloudflare
etag: "a478aa77287ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public,stale-if-error=86400,max-age=31536000
accept-ranges: bytes
cf-ray: 65e55349a9192ba1-FRA

GET
H3-29 200 Relay-Regular.woff2
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/ 12 KB
13 KB 21ms
21ms Font
application/font-woff2 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/Relay-Regular.woff2
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bbe80f4d3e7a9d09c67ac85470613bd05e370280556e57a285ef0a66d0a8ece7

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/fonts/Relay-Regular.woff2
pragma: no-cache
origin: https://heraldodemexico.com.mx
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://heraldodemexico.com.mx
Referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 707349
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12408
cf-request-id: 0aa332620f00002ba127bba000000001
last-modified: Mon, 24 Aug 2020 15:08:26 GMT
server: cloudflare
etag: "658b6b287ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public,stale-if-error=86400,max-age=31536000
accept-ranges: bytes
cf-ray: 65e55349a9232ba1-FRA

GET
H3-29 200 PrumoText-Bold.woff2
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/ 27 KB
27 KB 43ms
42ms Font
application/font-woff2 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoText-Bold.woff2
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b37fca127be0851975b1f6007612b11829d96c229482b82489220cf564ab46e2

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoText-Bold.woff2
pragma: no-cache
origin: https://heraldodemexico.com.mx
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://heraldodemexico.com.mx
Referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 707350
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27608
cf-request-id: 0aa332620f00002ba14d113000000001
last-modified: Wed, 20 May 2020 13:32:28 GMT
server: cloudflare
etag: "73287b1bab2ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public,stale-if-error=86400,max-age=31536000
accept-ranges: bytes
cf-ray: 65e55349a9292ba1-FRA

GET
H3-29 200 ionicons.ttf
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/ 184 KB
185 KB 36ms
35ms Font
application/octet-stream 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/ionicons.ttf?v=2.0.0
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/fonts/ionicons.ttf?v=2.0.0
pragma: no-cache
origin: https://heraldodemexico.com.mx
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://heraldodemexico.com.mx
Referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 707349
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 188508
cf-request-id: 0aa332621200002ba10e924000000001
last-modified: Wed, 20 May 2020 14:35:02 GMT
server: cloudflare
etag: "e7ecfbd8b32ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public,stale-if-error=86400,max-age=31536000
accept-ranges: bytes
cf-ray: 65e55349a92e2ba1-FRA

GET
H3-29 200 PrumoText-Book.woff2
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/ 27 KB
27 KB 30ms
30ms Font
application/font-woff2 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoText-Book.woff2
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d07e69369f0c3bfc75940293ef1926c53df4e7301f52ee4d8ce343f83bfc822e

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoText-Book.woff2
pragma: no-cache
origin: https://heraldodemexico.com.mx
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://heraldodemexico.com.mx
Referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
age: 707349
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27692
cf-request-id: 0aa332622f00002ba124a16000000001
last-modified: Wed, 20 May 2020 13:25:55 GMT
server: cloudflare
etag: "711ed530aa2ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public,stale-if-error=86400,max-age=31536000
accept-ranges: bytes
cf-ray: 65e55349e9ac2ba1-FRA

GET
H3-29 200 PrumoText-Medium.woff
heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/ 39 KB
40 KB 32ms
32ms Font
font/x-woff 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoText-Medium.woff
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d1afbc0da94d65b60546b6d33a6a074a37fe4796676fcaf8d88da2178b5a0c3b

Request headers

:path: /a/plantillas/p/el-heraldo-de-mexico/fonts/PrumoText-Medium.woff
pragma: no-cache
origin: https://heraldodemexico.com.mx
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://heraldodemexico.com.mx
Referer: https://heraldodemexico.com.mx/a/plantillas/p/el-heraldo-de-mexico/css/main.css?id=cA_2297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 May 2020 13:34:31 GMT
server: cloudflare
age: 707349
x-powered-by: ASP.NET
etag: W/"f6c34764ab2ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/x-woff
cache-control: public,stale-if-error=86400,max-age=31536000
cf-ray: 65e55349e9c02ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa332623400002ba16d9a4000000001

GET
H3-29 206 WhatsApp-Video-2020-05-23-at-11.14.14.mp4
heraldodemexico.com.mx/wp-content/uploads/2020/05/ 128 KB
0 29ms
28ms Media
video/mp4 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldodemexico.com.mx/wp-content/uploads/2020/05/WhatsApp-Video-2020-05-23-at-11.14.14.mp4
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

:path: /wp-content/uploads/2020/05/WhatsApp-Video-2020-05-23-at-11.14.14.mp4
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: video
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
cf-cache-status: HIT
last-modified: Sat, 23 May 2020 16:42:19 GMT
server: cloudflare
age: 75
x-powered-by: ASP.NET
etag: "8067ba1f2131d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-1450519/1450520
cf-ray: 65e5534a09ed2ba1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 1450520
cf-request-id: 0aa332624200002ba12205d000000001

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 26ms
5ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://heraldodemexico.com.mx
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 17:35:42 GMT
x-content-type-options: nosniff
age: 5119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 17:35:42 GMT

GET
H3-29 200 766393107432695 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/766393107432695?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e6c5643def4b171e80b4c9ea3c7f39eb4cc36d927df6c6f738531b5064808efa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2265
x-fb-rlafr: 0
pragma: public
x-fb-debug: iS646nDzW3PyznO55LMmosZQccqNj2ITuEPAUzqOSdervnQBNhTOXHb5KrTHrYYdpK/ar9Al6o0jiNqesi2aHw==
x-frame-options: DENY
date: Sat, 12 Jun 2021 19:01:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 26ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=27946474&t=pageview&_s=1&dl=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&ul=en-us&de=windows-1252&dt=VIDEO%20VIRAL%3A%20Estudiante%20pide%20ir%20al%20ba%C3%B1o%20en%20clase%20virtual%20y%20maestro%20tiene%20EXPLOSIVA%20reacci%C3%B3n%20-%20El%20Heraldo%20de%20M%C3%A9xico&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=825777210&gjid=16448865&cid=1431762672.1623524461&tid=UA-96905944-1&_gid=568348014.1623524461&_r=1&_slc=1&z=48203766

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heraldodemexico.com.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=25225644&ns__t=1623524461291&ns_c=windows-1252&cv=3.5&c8=VIDEO%20VIRAL%3A%20Estudiante%20pide%20ir%20al%20ba%C3%B1o%20en%20clase%20virtual%20y%20maestro%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=25225644&ns__t=1623524461291&ns_c=windows-1252&cv=3.5&c8=VIDEO%20VIRAL%3A%20Estudiante%20pide%20ir%20al%20ba%C3%B1o%20en%20clase%20virtual%20y%20maestro%...

64 B
330 B

37ms
37ms

Image
image/gif

99.86.241.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=25225644&ns__t=1623524461291&ns_c=windows-1252&cv=3.5&c8=VIDEO%20VIRAL%3A%20Estudiante%20pide%20ir%20al%20ba%C3%B1o%20en%20clase%20virtual%20y%20maestro%20tiene%20EXPLOSIVA%20reacci%C3%B3n%20-%20El%20Heraldo%20de%20M%C3%A9xico&c7=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&c9=
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-40.vie50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
via: 1.1 e6726d8c260dc6d0bdf74050840f4b1b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: gBZUz8pePgbBlKa9zTHvIzV2GFLaHGhho6VoodLvfNy6e-7ujIwvbg==

Redirect headers

date: Sat, 12 Jun 2021 19:01:01 GMT
via: 1.1 e6726d8c260dc6d0bdf74050840f4b1b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=25225644&ns__t=1623524461291&ns_c=windows-1252&cv=3.5&c8=VIDEO%20VIRAL%3A%20Estudiante%20pide%20ir%20al%20ba%C3%B1o%20en%20clase%20virtual%20y%20maestro%20tiene%20EXPLOSIVA%20reacci%C3%B3n%20-%20El%20Heraldo%20de%20M%C3%A9xico&c7=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&c9=
content-length: 468
x-amz-cf-id: rdNAXnFOOTI3_A52vYKvAZX5kBdATTcm9UPc_pYlfX8aLzgS6BS0fA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 81ms
27ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-96905944-1&cid=1431762672.1623524461&jid=825777210&gjid=16448865&_gid=568348014.1623524461&_u=IEBAAEAAAAAAAC~&z=834071041

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 12 Jun 2021 19:01:01 GMT
content-type: text/plain
access-control-allow-origin: https://heraldodemexico.com.mx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/elheraldodemxico-elheraldo/ 3 KB
2 KB 235ms
174ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/elheraldodemxico-elheraldo/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/elheraldodemxico-elheraldo/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bab50b56dac8fd9c63c12e1424f2b59cc57599e64706c37a87332a7a4517a27e

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: f14qQU_F8iQ.EyybdRsD5IFPaJjdUIfk
content-encoding: gzip
etag: "61aca2a6902e76cddadcd8bda9f68919"
age: 75
x-cache: HIT, MISS
content-length: 1122
x-amz-id-2: Sh18EcdwC+bC3QDvd70mMYX4LBqG4SIILiDx39kWseIUQbHo1b/RSZ2qU3b/I4qxFvfgjXFRBAA=
x-served-by: cache-lax10621-LGB, cache-fra19173-FRA
last-modified: Fri, 12 Mar 2021 09:59:33 GMT
server: AmazonS3
x-timer: S1623524461.401625,VS0,VE146
date: Sat, 12 Jun 2021 19:01:01 GMT
vary: Accept-Encoding,,
x-amz-request-id: PEDZ44FY2V6WPCA8
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20210610-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 494 KB
113 KB 35ms
35ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/elheraldodemxico-elheraldo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d7e6804e0f55fa09ec9a6ea1bccd64ca993a297de1681f72e9bc761bb745861c

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _g2Sf5m1MUfSS3ExvhI7urPFT8pCOUmO
content-encoding: br
etag: "c7b729478f0d3ae3cc050f11478c17a0"
age: 6863
x-cache: HIT
content-length: 115706
x-amz-id-2: ozvasnKZVoGhA36b0uvhvyOvL1UVmJ6v0201+sLiqEYUsJzRZh+i5jSVw3rm6c604cX2QthrQlk=
x-served-by: cache-hhn11573-HHN
last-modified: Thu, 10 Jun 2021 09:05:27 GMT
server: AmazonS3-br
x-timer: S1623524461.341073,VS0,VE0
date: Sat, 12 Jun 2021 19:01:01 GMT
vary: Accept-Encoding
x-amz-request-id: VX41T2H9B3GZYER8
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 65
x-cache-hits: 74316

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=heraldodemexico.com.mx

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=heraldodemexico.com.mx

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
23 KB 704ms
669ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4114021286211367&correlator=2969816636607380&output=ldjh&impl=fif&eid=31061357%2C21068030%2C31060412%2C44744016&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210612&iu_parts=21791093160%2Cinicio940&enc_prev_ius=%2F0%2F1&prev_iu_szs=940x100%7C1140x100%7C1140x150%7C1140x200%7C728x90%7C970x90&cust_params=sitio%3Del-heraldo-de-mexico%26id_noticia%3Dn178508%26temas%3DSin%2520Tema%26intereses%3D%26tipo%3Dnoticia%26cfg_adx%3Don%26seccion%3Dtendencias%26autor%3DNo%2520es%2520Noticia%26subseccion%3Dtendencias&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1623524461&dt=1623524461352&dlt=1623524460863&idt=467&frm=20&biw=1600&bih=1200&oid=3&adxs=140&adys=279&adks=3185235966&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1320x90&msz=1320x90&ga_vid=1431762672.1623524461&ga_sid=1623524461&ga_hid=27946474&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6f5a6f8813f20bfeb1b1c1e33ad8e344b6a21d14a9e2c2a268395b30b749cf18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23442
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://heraldodemexico.com.mx
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 50ms
13ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
22 KB 2397ms
2363ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4114021286211367&correlator=2969816636607380&output=ldjh&impl=fif&eid=31061357%2C21068030%2C31060412%2C44744016&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210612&iu_parts=21791093160%2Cderecha(1)&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C360x360%7C300x600&cust_params=sitio%3Del-heraldo-de-mexico%26id_noticia%3Dn178508%26temas%3DSin%2520Tema%26intereses%3D%26tipo%3Dnoticia%26cfg_adx%3Don%26seccion%3Dtendencias%26autor%3DNo%2520es%2520Noticia%26subseccion%3Dtendencias&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1623524461&dt=1623524461357&dlt=1623524460863&idt=467&frm=20&biw=1600&bih=1200&oid=3&adxs=1125&adys=1525&adks=1818259531&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=295x250&msz=295x250&ga_vid=1431762672.1623524461&ga_sid=1623524461&ga_hid=27946474&ga_fc=false&fws=516&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6de4943f8ff155f8280295e35b3abc94793a8eeacc026b69b3448f60c46d3734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22828
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://heraldodemexico.com.mx
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 454 B
271 B 377ms
344ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4114021286211367&correlator=2969816636607380&output=ldjh&impl=fif&eid=31061357%2C21068030%2C31060412%2C44744016&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210612&iu_parts=21791093160%2Cpie940&enc_prev_ius=%2F0%2F1&prev_iu_szs=940x100%7C1140x100%7C1140x150%7C1140x200%7C728x90&cust_params=sitio%3Del-heraldo-de-mexico%26id_noticia%3Dn178508%26temas%3DSin%2520Tema%26intereses%3D%26tipo%3Dnoticia%26cfg_adx%3Don%26seccion%3Dtendencias%26autor%3DNo%2520es%2520Noticia%26subseccion%3Dtendencias&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1623524461&dt=1623524461359&dlt=1623524460863&idt=467&frm=20&biw=1600&bih=1200&oid=3&adxs=140&adys=2872&adks=2072527658&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1320x0&msz=1320x0&ga_vid=1431762672.1623524461&ga_sid=1623524461&ga_hid=27946474&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3b08ad60c055f24b2a9d541f5b57e2ffe052f59a358fc5bcb0686cc15629571c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://heraldodemexico.com.mx
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 209ms
149ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o0ayc&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 12 Jun 2021 19:01:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f4c6270b63f32cc78336165e3d62fe433fc8f0cfdec4d576cd1df00a9f579b7f
x-transaction: 289e5185979573f2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 21ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=766393107432695&ev=PageView&dl=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&rl=&if=false&ts=1623524461377&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=28&it=1623524461161&coo=false&rqm=GET

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 12 Jun 2021 19:01:01 GMT

GET
H2 200 player-base-5f13a344dbf28ff80a2b.js Show response
widget.spreaker.com/ Frame 58F6 791 KB
210 KB 28ms
28ms Script
application/javascript 99.86.241.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.spreaker.com/player-base-5f13a344dbf28ff80a2b.js
Requested by: Host: widget.spreaker.com
URL: https://widget.spreaker.com/player?show_id=4272343&theme=dark&playlist=show&playlist-continuous=false&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=left&hide-logo=false&hide-likes=false&hide-comments=false&hide-sharing=false&hide-download=true&color=f91c55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-22.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f22be6574f9c4db228ea0ecf2c5508c0091b37748a0c78742dbf9e178c98682a

Request headers

Referer: https://widget.spreaker.com/player?show_id=4272343&theme=dark&playlist=show&playlist-continuous=false&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=left&hide-logo=false&hide-likes=false&hide-comments=false&hide-sharing=false&hide-download=true&color=f91c55
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:55:48 GMT
content-encoding: gzip
age: 1922714
x-cache: Hit from cloudfront
content-length: 214109
access-control-allow-origin: *
last-modified: Fri, 21 May 2021 12:55:20 GMT
server: AmazonS3
etag: "44466cee8c215d77c95256801bbe0245"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: YkzJUIpX76D8FwmrOq4TzeAnIRLY3-0pbmfLZeZUr1SdVdiMxJIXmA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 51ms
29ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-96905944-1&cid=1431762672.1623524461&jid=825777210&_u=IEBAAEAAAAAAAC~&z=427157328

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 50ms
28ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-96905944-1&cid=1431762672.1623524461&jid=825777210&_u=IEBAAEAAAAAAAC~&z=427157328

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 58F6 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: widget.spreaker.com
URL: https://widget.spreaker.com/player-base-5f13a344dbf28ff80a2b.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.spreaker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 144
date: Sat, 12 Jun 2021 18:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 12 Jun 2021 20:58:37 GMT

GET
H2 200 60d86a1e079b0cc122db05d66e02be1a.svg
widget.spreaker.com/ Frame 58F6 5 KB
3 KB 23ms
23ms Image
image/svg+xml 99.86.241.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.spreaker.com/60d86a1e079b0cc122db05d66e02be1a.svg
Requested by: Host: widget.spreaker.com
URL: https://widget.spreaker.com/player?show_id=4272343&theme=dark&playlist=show&playlist-continuous=false&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=left&hide-logo=false&hide-likes=false&hide-comments=false&hide-sharing=false&hide-download=true&color=f91c55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-22.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17c5b930c134a637e60f870f99c45ff682a19221282f9913887976a2ef713244

Request headers

Referer: https://widget.spreaker.com/player?show_id=4272343&theme=dark&playlist=show&playlist-continuous=false&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=left&hide-logo=false&hide-likes=false&hide-comments=false&hide-sharing=false&hide-download=true&color=f91c55
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 23:35:09 GMT
content-encoding: gzip
vary: Access-Control-Request-Headers,Access-Control-Request-Method
age: 15362753
x-cache: Hit from cloudfront
content-length: 2429
access-control-allow-origin: *
last-modified: Thu, 17 Oct 2019 16:27:48 GMT
server: AmazonS3
etag: "98fe884e45d6b04c698111dd23ee1879"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/svg+xml
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: 5WW_7m6SGEWy20A0F1jjODV9xVqOtqOQg7NXQ0NAS3zknlGIsXT4Ag==

GET
H2 200 03017bddf05d523e7eac1931e1969df3.jpg
d3wo5wojvuv7l.cloudfront.net/t_square_limited_160/images.spreaker.com/original/ Frame 58F6 10 KB
11 KB 75ms
26ms Image
image/jpeg 13.32.11.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3wo5wojvuv7l.cloudfront.net/t_square_limited_160/images.spreaker.com/original/03017bddf05d523e7eac1931e1969df3.jpg

Requested by

Host: widget.spreaker.com
URL: https://widget.spreaker.com/player?show_id=4272343&theme=dark&playlist=show&playlist-continuous=false&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=left&hide-logo=false&hide-likes=false&hide-comments=false&hide-sharing=false&hide-download=true&color=f91c55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.11.148 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-11-148.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

d2d23876487bf4d032099c38c5997fa87938f3180c20ee8df1e78e95e7a7fd34

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.spreaker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:23:18 GMT
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 10766263
x-cache: Hit from cloudfront
server-timing: akam;dur=551;cpu=15;start=2021-02-08T04:23:17.891Z;desc=miss,rtt;dur=0,cloudinary;dur=452;start=2021-02-08T04:23:17.943Z
content-length: 10261
last-modified: Sun, 31 Jan 2021 11:47:25 GMT
server: Cloudinary
etag: "d9257b2ed450f12fcd8eb511a53dbf20"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: od7YfRcKspb_aV5GvpKGOpBYSr5l5yxLZv8X6HmWTRtfj2VR1pDEpA==

GET
H2 200 e7bcc4a31b989f5042ec9e0e7cd8b6b7.svg Show response
widget.spreaker.com/ Frame 58F6 55 KB
21 KB 23ms
22ms XHR
image/svg+xml 99.86.241.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.spreaker.com/e7bcc4a31b989f5042ec9e0e7cd8b6b7.svg
Requested by: Host: widget.spreaker.com
URL: https://widget.spreaker.com/player-base-5f13a344dbf28ff80a2b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-22.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a68652e1e5e6b633e5a9dd219e828c01ab4f3dfc639d8a23d9c5952428ae825e

Request headers

Accept: application/json, text/plain, */*
Referer: https://widget.spreaker.com/player?show_id=4272343&theme=dark&playlist=show&playlist-continuous=false&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=left&hide-logo=false&hide-likes=false&hide-comments=false&hide-sharing=false&hide-download=true&color=f91c55
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:46:20 GMT
content-encoding: gzip
vary: Access-Control-Request-Headers,Access-Control-Request-Method
age: 789282
x-cache: Hit from cloudfront
content-length: 21429
access-control-allow-origin: *
last-modified: Wed, 14 Oct 2020 15:33:45 GMT
server: AmazonS3
etag: "4fda2ee3bcb585fef9cebb52d0cacf8c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/svg+xml
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: dU4hxPooQKpqemPciFjdEGxnP5eq_k-UgosAitgTY2q-P7SzHkJl9w==

GET
H2 200 episode_44265048.gz.json Show response
d3770qakewhkht.cloudfront.net/ Frame 58F6 15 KB
5 KB 113ms
37ms XHR
application/json 13.225.84.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3770qakewhkht.cloudfront.net/episode_44265048.gz.json?v=TpVZSF
Requested by: Host: widget.spreaker.com
URL: https://widget.spreaker.com/player-base-5f13a344dbf28ff80a2b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-7.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56b2106e87f12c8e66935a343df2a13e35973a801a9e56c2adb2008c4aefbed2

Request headers

Accept: application/json, text/plain, */*
Referer: https://widget.spreaker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 01:37:33 GMT
content-encoding: gzip
vary: Origin
age: 5592209
x-cache: Hit from cloudfront
content-length: 4327
access-control-allow-origin: *
last-modified: Fri, 09 Apr 2021 01:26:44 GMT
server: AmazonS3
etag: "310db2512b21b6ba623c1f889e1d4d15"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=252460800
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: lRWMaxxIiSncdMnbk7XtnY5lOHgAHbUXqaTELQrUEM9YvcYhIoMREQ==

GET
H2 200 03017bddf05d523e7eac1931e1969df3.jpg
d3wo5wojvuv7l.cloudfront.net/t_square_limited_720/images.spreaker.com/original/ Frame 58F6 86 KB
86 KB 85ms
38ms Image
image/jpg 13.32.11.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3wo5wojvuv7l.cloudfront.net/t_square_limited_720/images.spreaker.com/original/03017bddf05d523e7eac1931e1969df3.jpg
Requested by: Host: widget.spreaker.com
URL: https://widget.spreaker.com/player?show_id=4272343&theme=dark&playlist=show&playlist-continuous=false&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=left&hide-logo=false&hide-likes=false&hide-comments=false&hide-sharing=false&hide-download=true&color=f91c55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-148.vie50.r.cloudfront.net
Software: /
Resource Hash: 34134c922c986acdaa1f7b8366eb0eb0a3ed4fad98408687771d1d22d101815e

Request headers

Referer: https://widget.spreaker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 08:34:40 GMT
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
age: 2456781
x-cache: Hit from cloudfront
content-type: image/jpg
cache-control: public, max-age=31536000, stale-while-revalidate=7884000, no-transform
x-amz-cf-pop: VIE50-C2
content-length: 87948
apigw-requestid: fXIg-h8BjoEEPgw=
x-amz-cf-id: YdsNew0_OlUPuJK1faHl632ZvJnblxoAJIniStPf0oVlI9JP3Jj0rg==

GET
H2 200 pmk-202010011.1.js Show response
widget.perfectmarket.com/elheraldodemxico-elheraldo/ 118 KB
32 KB 29ms
29ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/elheraldodemxico-elheraldo/pmk-202010011.1.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/elheraldodemxico-elheraldo/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ed82d72a40fcd4f75ef8e9355544a4207371554766f20232befc8a3bab2f1d9

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GKaKP8MeYkz8P0bUcVTggrrkkac1Nc65
content-encoding: gzip
etag: "42d0316e3e2e9977093f375c85e86065"
age: 297791
x-cache: HIT, HIT
content-length: 32408
x-amz-id-2: dzJJcOkbk9+77k30KvA5lsgOLlm2Si8LJ4UzJuEF6JK8QHhvDJpwPezB4g6FTPSe5UXJqbFjBIM=
x-served-by: cache-sna10747-LGB, cache-fra19173-FRA
last-modified: Fri, 12 Mar 2021 09:59:33 GMT
server: AmazonS3
x-timer: S1623524462.661495,VS0,VE1
date: Sat, 12 Jun 2021 19:01:01 GMT
vary: Accept-Encoding,,
x-amz-request-id: X54ZRBF0CM6XWEG4
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 317, 1

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
658 B 180ms
131ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o0ayc&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 12 Jun 2021 19:01:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 777e8940c68fa16bf50bc129bf9cadedfec267503bd43693618f5550ae108203
x-transaction: d6192ab905483bb6
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3-29 200 rum Show response
heraldodemexico.com.mx/cdn-cgi/ 0
171 B 21ms
21ms XHR
text/plain 2606:4700::6812:1070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heraldodemexico.com.mx/cdn-cgi/rum?req_id=65e5534828644e92

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://heraldodemexico.com.mx
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: _ga=GA1.3.1431762672.1623524461; _gid=GA1.3.568348014.1623524461; _gat=1; _tb_sess_r=
content-length: 21415
:path: /cdn-cgi/rum?req_id=65e5534828644e92
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: heraldodemexico.com.mx
referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://heraldodemexico.com.mx
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 65e5534ddc482ba1-FRA
vary: Origin

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 39ms
19ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

064aee9dcd2e3bbb83dc65fa7b0c388664f9fb6ef082f038afbe9b82b1bddc68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8025
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 12 Jun 2021 19:01:01 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame F770 12 KB
5 KB 20ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://heraldodemexico.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://heraldodemexico.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 12 Jun 2021 18:24:18 GMT
expires: Sun, 12 Jun 2022 18:24:18 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8FDA 783 B
532 B 29ms
15ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

11414c2540307e8a7d902cf0d7d9de1fd86f089879d772ebbf6efba6425988e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kWIMFld0tYmg84W79ApSJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://heraldodemexico.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://heraldodemexico.com.mx/

Response headers

expires: Sat, 12 Jun 2021 19:01:01 GMT
date: Sat, 12 Jun 2021 19:01:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-kWIMFld0tYmg84W79ApSJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js Show response
pagead2.googlesyndication.com/bg/ Frame F770 14 KB
6 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5722
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 06:56:30 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=4114021286211367&bg=!ysmlyY3NAAY6sG-_OrA7ACkAdvg8WoU0RMf8HV76erRZ2FGNMScUZ-ShY7wbu4VfNIDIn6OSWx5D8gIAAABbUgAAAAxoAQcKAQh0VCXLw65ysFrv0BNtVQdxaSA9lHRSnTK7lcw0WwudR17Lo6L1sqhEysYvugz86fnrjQ7Lo7x-UUblwRjr2krOiKfPzxM4Jxs_dRHioBfZYmVaQ9q8qJWaAstzAmGY0bFKWcgGuAllJf6oDMKLG3pJuCZYD-NpqeKD3PPGTmxEO6C9giYcisay5dLn43SqoXwO8cYaIAu7Pxk3Xjr4thjFg7P8o9Lzsf13tLo60OMkDeFzc_3KfR1KDhdGsak7_MmCyrBJ-SoGbib55KzxppbImDzKkwGd97StiGHWFvIlRoFqpkd4GlW3jSfEI2ZWpgAnrtTDwfoHeZEEGc4aYhPRvq_2KLR6Qf6ZAmjcm819IuPBrMNQs2-l8GAtc7Pt3oE2cgzjCd05SC9EuqM92Kz3mTG2QB0GeGusrcOHU-lHCbYNG0IsQ3NUNa5nPmn2g3XW0o4VY7bDD24bUWzPk9zNekkAmUQH_UF7D-y-3WO4bMJL1fcV8NBHszWatyQXwmTnG26os2rUcAfK_dRqviaIj-lav-Pmown7AL7ocwIGFNLxYEV5y6AoaEmxEpJ_zaj2ZZWBCN4I87yqB_Phmn7Ae4XlZwxRzC74T4nSduqs2deBdzAspm3IZEJCHzfzhTUuvfgDTgB-T2_27h4FHfTV0DgDBBgz2U8xG8B_gN4TaG_mmZa0dGFQocUc3wwoj0TdtYNMujUDHO-1aUASW9senUJcHDWIui2kt-TXT-RotRHU-ALXuwRq7ZoKpaqEcTRfPFI5Xx9Z_riC5L9RkA6sHhZTgIrLzYAOguVjlga8CgqiKnB4hRIjMedUkSooDRWRkJNIsk3l-GEctYwTgjeaqtbcesKZY9zrOutp74vrecX7_xbRKifsmwxC0iX2RYso_KLHttWZWaK5LMcFmkT7SXX7MGcbdkjROmSh1riVcTRBqESKdsbFviNabjGvJJXDurQ6t0No33Vmc1TMMcvedrkA9ZPDYP4GCmncZNl5YAGJvtC5VpBL3n4Pg42nY2Fj8z0VQqIR_pZzJYibr-b1TIC7ijeU1yyJsLQDGfuC2wY3_VkWvYIxzJp4Ec3Hw65uiikmIJgPeXRrVhnGsay62FoH3_fize0MpWjtu1_gGpwZUyLYxZkGeKybt8Me6EgcIOtWFrArye9ZJ8-FiqC_zYXB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FDD9 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://heraldodemexico.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://heraldodemexico.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 12 Jun 2021 19:01:01 GMT
expires: Sun, 12 Jun 2022 19:01:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Sat, 12 Jun 2021 19:01:02 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5B5E 624 B
996 B 40ms
18ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv4XBDtjF0Yi_WeqAEwAQ&v=APEucNUUUR70LYp-6BIcls_iAT7HJsv9oq9SJto3aUD6Oc1zSBva0lBo0JqyuIS1mPz1UhCm2wA2pXLJvGkys92YtjMQnY61-WZ3mlDS1lIATSUXCHgtDqp7RrbSOGZbtrvIq0-4ZQYkROEB7cxHNnARVkhq3jdemzjWLZ5VO88J_v3ZxHTPC_0

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CKv4XBDtjF0Yi_WeqAEwAQ&v=APEucNUUUR70LYp-6BIcls_iAT7HJsv9oq9SJto3aUD6Oc1zSBva0lBo0JqyuIS1mPz1UhCm2wA2pXLJvGkys92YtjMQnY61-WZ3mlDS1lIATSUXCHgtDqp7RrbSOGZbtrvIq0-4ZQYkROEB7cxHNnARVkhq3jdemzjWLZ5VO88J_v3ZxHTPC_0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 12 Jun 2021 19:01:02 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlG_vOHYNbfl6NJyiAcYLyS10K8K7jidYYBTEqtiJsTVr6qraHduQaowCrj; expires=Thu, 07-Jul-2022 19:01:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Jun 2021 19:01:02 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame FDD9 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 18:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 18:41:51 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame FDD9 6 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 18:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 18:38:15 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FDD9 0
592 B 123ms
67ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-jYjKSvCWzQQV_AajzdQlSx8CjZI3z343EN-nou0S5ifQVos7SBBFbzI-aWriMj5YW3qT1ItCTg1APTY2M9r7qpRvjIdKsYSn-Z6Hr3HhE0zXEAllT3yYQSpmXrjJj9_hbel_fqnjFjOU1tPLuy9-2f0pExTqdip9r2CU63jpQwJ7qKmP8iPjly1ytq_3GuQaO8qPFdzi3MIlpJeDQHwjiRIcPikpbnq94rrRziCoTomFAZ-mx0HP7CoHSnPwOhTFMnBFcPrKzCwo59AazyaCCecM5ft9UXOEEVuEWQ4dGvHMP5bUQFydRPu41SCXX4PjsDxIYfIO4u81j--dHw9TN8waQNWBIr3VbrjGy-p1tie9bjexLBmk67b-A1-8Ut8EnKk4gvYemCkgbnIViqM24L0ViBNGw7y3bCSHj3BrVsukneUZE4gtBj5mfpGvb1ZN_KUYu_PJLg49b6PnRkeaSgqQmx7t9aRDdYFFbLxfUTB3MP4Wdgd2DTa2bSaS5hw1ZSorQiKiPZ4BDrJuB_iUjwZkzhd0KGvt8hRh74gUjswDIh7_wFaAAIA57p6_FcbZ7jFubwbreR9vUlw7IyigQelUfGQgVXQ3bHsLm1chAQGk3YIBTrDVYiuWXMZUv5nRbenAAM6vUGJMdYOdplsBmrx-BHzWCVR2l4Q7mVN0uHBn6giOiw7i2oeXvk3z7ssub0MBQJv2Wr551YGecAo47OzQKFLDLQiZqzztCoumF1hy6uie8lG1deRwTz6pyab-8Sv9sizVaD8g536SXo9nvBeJJvJ27zxNXlSvjgtYGWir8o66VtJma3ohgs2OhQL9KwFrwIIsOS8YqsNbz2HDvBNCLq4F3FwdRGRVndw8LcR87W0Vv9ZUlKkF1xpZS9cZYmEKqKjOOKbguzHbZRhy5umEq6Q8ax_9AJ945bAuINVFNUyzMy_HPRqeXiCdjzFvv-IKxbMuj97oSYJkeoxLCsSqR4z_JaI5l-60KulIKAUte2KYxF5PRPE1XTcv6Ep-PG8uCALeadIBdywGFwrknUYj3dnCwxffb3zXV0dJZD4Ui2RIU9UJBhmQoSdJONFWlqSF7uQTbHjwxKt7_4JGfCd2lp0woct_eW4V2HXU6_ZuzTTTXAys9qM6FviVRF84c59vrq0&sai=AMfl-YTZX2tD1SU8XzKnfYWVUe4sxRe0oAuBRontiHlUtgDJC7PikZDvE-J-AGKaHiPU4bGEGfzaL6mqfjwZ0KnaqaCZb3QRgP-zhGmjf1UfRZlreZkhp0b6lJqatB0W9AGo3f2sxSG6QMB5U1q970SXxcydFeLjCnnSHzWLJWlFHfiQBHZzEJRKCR9UJtpksJMBCPyn_GG4QtvG_8GIuPOoY9szx41MI8rrYMBnGmIad2Hl_OrILopa2KaGJBCwMjfzwEs1n14gVhmRLGJK2YPHSnyOUYl4NzU9ZLHEPsUO8liApprz5hhsVfoILWXsr9Z3A5Z0G8d9vFYMCKdGpj7idzapwpnhheJKK-D5LEK-XALzpYF4a1iEY7U0sTJ6ViB9EmNlXgS-&sig=Cg0ArKJSzLhNgS3Arz9sEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.19383&adurl=

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 12 Jun 2021 19:01:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FDD9 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:02:24 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDD9 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A6hSc29RZxPBxT6tvdKoFZVO-4dJg0OQ8XEiGuhsP24oECp2LVsI6NJ8Pxv1nZuEdNDcijekYEG1IYLEg2Hc0nJKPwjfrJ1Ts7cpsZsW8LSqauvIE

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame FDD9 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 19:00:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDD9 122 KB
37 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sat, 12 Jun 2021 19:01:02 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame FDD9 13 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 19:00:01 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame FDD9 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlGs5KEVqxzxneG7mC5F1N1IyPprQnha3x5nK8NyzNd46FClEpChwEQGKLNbQlOOjUeyZZ_MF47YQi9OWLdFekwcJRQA
Requested by: Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 8273799292310812837
s0.2mdn.net/simgad/ Frame FDD9 68 KB
69 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8273799292310812837

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5530de45b5ee6ca0e4b14412258ec90b6a90863761c6e0a57a4311f0a85931cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 03:03:11 GMT
x-content-type-options: nosniff
age: 57471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69924
x-xss-protection: 0
last-modified: Fri, 07 May 2021 09:51:58 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 03:03:11 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C390 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 12 Jun 2021 07:00:55 GMT
expires: Sun, 12 Jun 2022 07:00:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FDD9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b5a601a6ecf225421ac2a5fd1977b26db8e962247b22a75663e4f63ee4e437d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FDD9 0
60 B 61ms
60ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 19:01:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5B5E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-nnoe4IrqwnOHTXlwrF4&google_cver=1

43 B
1014 B

74ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-nnoe4IrqwnOHTXlwrF4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv4XBDtjF0Yi_WeqAEwAQ&v=APEucNUUUR70LYp-6BIcls_iAT7HJsv9oq9SJto3aUD6Oc1zSBva0lBo0JqyuIS1mPz1UhCm2wA2pXLJvGkys92YtjMQnY61-WZ3mlDS1lIATSUXCHgtDqp7RrbSOGZbtrvIq0-4ZQYkROEB7cxHNnARVkhq3jdemzjWLZ5VO88J_v3ZxHTPC_0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 12 Jun 2021 19:01:02 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-nnoe4IrqwnOHTXlwrF4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5B5E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMUEbqePmK7P7it.MhAibgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-nnoe4IrqwnOHTXlwrF4&google_cver=1&google_hm=2

43 B
894 B

29ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-nnoe4IrqwnOHTXlwrF4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv4XBDtjF0Yi_WeqAEwAQ&v=APEucNUUUR70LYp-6BIcls_iAT7HJsv9oq9SJto3aUD6Oc1zSBva0lBo0JqyuIS1mPz1UhCm2wA2pXLJvGkys92YtjMQnY61-WZ3mlDS1lIATSUXCHgtDqp7RrbSOGZbtrvIq0-4ZQYkROEB7cxHNnARVkhq3jdemzjWLZ5VO88J_v3ZxHTPC_0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 12 Jun 2021 19:01:02 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-nnoe4IrqwnOHTXlwrF4&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 5B5E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBZxDryi9bfTqQ1ZODTfgr8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBZxDryi9bfTqQ1ZODTfgr8%26google_cver%3D1

43 B
1 KB

45ms
35ms

Image
image/gif

185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBZxDryi9bfTqQ1ZODTfgr8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv4XBDtjF0Yi_WeqAEwAQ&v=APEucNUUUR70LYp-6BIcls_iAT7HJsv9oq9SJto3aUD6Oc1zSBva0lBo0JqyuIS1mPz1UhCm2wA2pXLJvGkys92YtjMQnY61-WZ3mlDS1lIATSUXCHgtDqp7RrbSOGZbtrvIq0-4ZQYkROEB7cxHNnARVkhq3jdemzjWLZ5VO88J_v3ZxHTPC_0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:02 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.136:80
AN-X-Request-Uuid: b2b163a1-de8c-474e-a7b8-aebf34773483
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:02 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.149:80
AN-X-Request-Uuid: 3d687a74-f570-4a7c-b71c-c3d204ad15d1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBZxDryi9bfTqQ1ZODTfgr8%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5B5E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc0Mjg1MDI3MjE2NjA3MTM2MA%3D%3D

170 B
188 B

64ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc0Mjg1MDI3MjE2NjA3MTM2MA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:02 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid: 505748ad-70fa-44fc-9b77-c56d591df83b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc0Mjg1MDI3MjE2NjA3MTM2MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame C390 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 15:57:40 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C390 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJLBqbQTFYPacLM6N7_UPibel6AkAAAAAOAHgBAI&bg=!ra6lrurNAAY6sG-_OrA7ACkAdvg8WmR_OvIhB8swJCMrNhqPCsGeCBzWmTGjC6fNFrfIVKq5GTmczAIAAABnUgAAAAloAQcKAKnisvT0LTEMkAZvLI1ITPV5R7f7MTMjJSbXYsqxKSB7SbPAkE0b046Nfy6vTioyt5rAeQECMa0U61Pz1-kIkt_3Emak0KcvwGcyq2id0IEEYIbmdAoQHSnWD50s8YrDhxxwi55kQN2trMIbNcwK06JgB9FnNXL6S1xMdH-eFyFO3cyk4xGPHpAqUqM7-3rZFVS69dNiAjNT0liiG4GDQb7z1e7yT688CEU7mQLVAW_g5yd6STl8EeE55K69WEdI5zhtkSxXdMoS6fapqcrJRX7jT7Ozwu-xfayX8GnXlqI7-ThXGijkQXJ6FNK2wQQ5JJ2GvWJYaYin7ABBYrD04241xkV7f1t0X5tj7vWl22BX08eWnuuF9HhTRYdRFAmB1xRKx3jo-puk4LmlfJJUfgzZDJMm_xJhqqEsEiBoy7tnQ9cRWt_e0r9jWjRQ8HO9X4MsLl8pryyStYyBbZX2Cl8ISw35MI1CJl7Oy190Vs_VyIj6oxHTMG3Ru7VBcgOFhyri5fL9Gyrp9whWW3DYO24EBmvnQ3B8w-wOvED-LmPyn2m4VZ-_pTAc0OcMrwNmsC0NNvNWBuCYDuOrps20t498yLhOQghp0_UayZ8xjcLtsPS_Kozt6NDh7KvRPaEKTVXpcwuCl_uF3vNxgDl3AcjT04UtdDWkV5tU8ndpbTPWG9sK3vSd6wyWCucVcocIsppnZ71Ljdw4NSF9PbWl5bLCKPRiC8PBduRFQFpLil6Q0IlbcaaEnDqtKQiKJPPrUpBWTyfDke_-lV2i1CNetprInagMQJ-raZSp1DdXWMTL6JM4hCehjqlkmnpk0LiCvhK1qLNnX0qH1eBgVeXjZl8wIqWpl8ZFfZKNmZ2wy68BM_HGHZBpqVJxlyKj33w1lu2C8oAYIPk8Ql4G1d3i8GluTbvGgi5i9FGDk4OEboTYs9zmwR2IwOLaDFvO0mtvzS6JbrlMZIfUrXX2LfucCebyJ9CXdP5quEDeHSkeUY27Oc9yIpwXxcMYKe6F8tc5guJ6VnAV3w_jc-kst65jBcEcspIuZTCnAqTJfhOdBrSUA-iMJPCL268wQ5L_-XVtNl9tQPkIBf4-H6TuVpnID2BnNZ1cRQWtq8NSlzFmREUk-O--jY4Nv96HhRKUjbbFCTBbnV2kf-Shipp9K0KI3SNaNZGWoj6TmPewjrSDWuS5kEE

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/elheraldodemxico-elheraldo/trc/3/ 15 KB
6 KB 198ms
196ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/elheraldodemxico-elheraldo/trc/3/json?tim=21%3A01%3A02.560&lti=deflated&data=%7B%22id%22%3A81%2C%22ii%22%3A%22%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1623317231382%2C%22vi%22%3A1623524462558%2C%22cv%22%3A%2220210610-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3910%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A3570%2C%22mw%22%3A1320%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9918e7da52409127188e3b6b20cddca1c8a89dab596cb96032d87ab98007237e

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 163
date: Sat, 12 Jun 2021 19:01:02 GMT
content-encoding: gzip
server: nginx
x-timer: S1623524463.579378,VS0,VE163
x-served-by: cache-hhn11573-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://heraldodemexico.com.mx
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 18 KB
6 KB 34ms
34ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: y2EUw.irPGYHWZQvvHFS16CCD7wJF5Fq
content-encoding: gzip
etag: "7f7f981d4ecb61feeff48e66441716da"
age: 7412
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5628
x-amz-id-2: mvV6Obapu1AtkGvrEDNJEFXTiQ35Psp9hLvN+7O6Qau3nou0Qban8NkNzNinIOLGaaqDY53yXF4=
x-served-by: cache-hhn11573-HHN
last-modified: Sun, 30 May 2021 11:12:52 GMT
server: AmazonS3
x-timer: S1623524463.787038,VS0,VE0
date: Sat, 12 Jun 2021 19:01:02 GMT
vary: Accept-Encoding
x-amz-request-id: 6F32NCW4Z347WKFJ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 65
x-cache-hits: 142248

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
968 B 35ms
34ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 10862
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: mx4KoEdupSjNAt+jydlxWIo+jwcLoLfqsfsfzf9xlc2eaDNcUDaHkWHo8F8AVeN4ILOhs1UHeT4=
x-served-by: cache-hhn11573-HHN
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1623524463.787150,VS0,VE0
date: Sat, 12 Jun 2021 19:01:02 GMT
vary: Accept-Encoding
x-amz-request-id: GZH52BA9ZE5HK19K
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 65
x-cache-hits: 170504

GET
H2 200 tfa-eid.20210610-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 35ms
35ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210610-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/elheraldodemxico-elheraldo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c5d4409cbfbad0acc97ba77ec5c9828bc0eaad3430b4474b963c5f4ba091029

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: XdPmq.1Gg.9jjDVu0_GtQ9_2PgvH9n6H
content-encoding: gzip
etag: "53fc507dc4b1c4acb5609b5be89215a8"
age: 118
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4867
x-amz-id-2: Udn2/fTvQZ6ASu5MPyXniRwpK5QmaXXRm99HQ1nxR2+57q3WF3Gy05+hcnXkiHGOijSr0YyzI68=
x-served-by: cache-hhn11573-HHN
last-modified: Thu, 10 Jun 2021 11:47:44 GMT
server: AmazonS3
x-timer: S1623524463.789640,VS0,VE0
date: Sat, 12 Jun 2021 19:01:02 GMT
vary: Accept-Encoding
x-amz-request-id: 5Q6QTQ5H9S7BZWNB
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 1402

GET
H2 200 sha256.20210610-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 35ms
35ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210610-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/elheraldodemxico-elheraldo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ebc7c8375b9ed4fdbb6c795d8662c7e79dab5ec054abf49018da33e4f1b91dc

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1GfYRfvMJBQwPkGKDqn1iCXsOmfgnu8Z
content-encoding: gzip
etag: "741f4c7d3076e0a32bfcc42d6200020b"
age: 107
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2595
x-amz-id-2: qTjkDYTqzbU/DwiBh7aq0yqNzdtm1m81nGuzSsZmNIU+B7QS6qk1krwcCv+8d9yEOMKhFtUu1rQ=
x-served-by: cache-hhn11573-HHN
last-modified: Thu, 10 Jun 2021 11:47:57 GMT
server: AmazonS3
x-timer: S1623524463.789608,VS0,VE0
date: Sat, 12 Jun 2021 19:01:02 GMT
vary: Accept-Encoding
x-amz-request-id: TJ4C5SXGWB52D2BY
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 1201

GET
H2 200 tb Show response
15.taboola.com/ 30 KB
9 KB 263ms
261ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=elheraldodemxico-elheraldo&unitType=59&tbloc=&pageType=text&pstn=Slider%20-%20Video&uuip=&cisrf=&cirf=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&encoded=1&uid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1623524462790&tagid=&cntry=CZ&platform=1&sesid=8c5bbf1e49070a56624848e1e10a6f89&itemid=/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&viewid=1623524462558&geolat=&geoing=&deviceifa=&appid=&sd=v2_8c5bbf1e49070a56624848e1e10a6f89_41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee_1623524462_1623524462_CNawjgYQ6rdLGN6f5YygLyABKAEwNzjBqwhA5okQSL6G2ANQ____________AVgAYABosa_ptcr9986tAQ&ri=5abe59ec1828cfe1e23cc2fc779dc004&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1235946&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=10&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1235944&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 81130e912ab3cfcb278bb9a71bac97ee3c8bda180e52ddf53c213e2f368d42c1

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 12 Jun 2021 19:01:03 GMT
content-encoding: gzip
access-control-allow-origin: https://heraldodemexico.com.mx
machineid: 1450
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn11573-HHN
pragma: no-cache
server: nginx
x-timer: S1623524463.808667,VS0,VE228
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20210610-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 34ms
34ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210610-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/elheraldodemxico-elheraldo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62a89e4c058b477bee9ff0f6a980d054ea7c5b46e225b4d24a6acde4bce4fb9a

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: yS42FFnGWQRA3XhR7DHOFMbSRKsS8pf0
content-encoding: gzip
etag: "c0ccd5ec1e3e8c18b20218a8ef29275e"
age: 79
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7962
x-amz-id-2: 6kT3eZ9qYuiy1fuOdLHyu3hsS0GsCser5Ao1joiGsqf01dWbgqRSYT9yGr52hml9gJlAEqiKVUg=
x-served-by: cache-hhn11573-HHN
last-modified: Thu, 10 Jun 2021 11:47:39 GMT
server: AmazonS3
x-timer: S1623524463.808113,VS0,VE0
date: Sat, 12 Jun 2021 19:01:02 GMT
vary: Accept-Encoding
x-amz-request-id: AVXCFXWV9BK88W0D
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 103

GET
H2 204 social
trc-events.taboola.com/elheraldodemxico-elheraldo/log/3/ 0
230 B 101ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/elheraldodemxico-elheraldo/log/3/social?route=AM:IL:V&tvi2=-2&lti=deflated&ri=5abe59ec1828cfe1e23cc2fc779dc004&sd=v2_8c5bbf1e49070a56624848e1e10a6f89_41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee_1623524462_1623524462_CNawjgYQ6rdLGN6f5YygLyABKAEwNzjBqwhA5okQSL6G2ANQ____________AVgAYABosa_ptcr9986tAQ&ui=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&pi=/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&wi=-6850288865539203356&pt=text&vi=1623524462558&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22VIDEO%20VIRAL%3A%20Estudiante%20pide%20ir%20al%20ba%C3%B1o%20en%20clase%20virtual%20y%20maestro%20tiene%20EXPLOSIVA%20reacci%C3%B3n%22%2C%22sec%22%3A%22Noticias%22%2C%22aut%22%3A%5B%22Heraldo%20de%20M%C3%A9xico%22%5D%2C%22img%22%3A%22https%3A%2F%2Fheraldodemexico.com.mx%2Fu%2Ffotografias%2Fm%2F2020%2F5%2F23%2Ff1280x720-219327_351002_5050.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=21%3A01%3A02.797&id=3999&llvl=1&cv=20210610-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 12 Jun 2021 19:01:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
trc-events.taboola.com/elheraldodemxico-elheraldo/log/3/ 0
231 B 100ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/elheraldodemxico-elheraldo/log/3/social?route=AM:IL:V&tvi2=-2&lti=deflated&ri=5abe59ec1828cfe1e23cc2fc779dc004&sd=v2_8c5bbf1e49070a56624848e1e10a6f89_41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee_1623524462_1623524462_CNawjgYQ6rdLGN6f5YygLyABKAEwNzjBqwhA5okQSL6G2ANQ____________AVgAYABosa_ptcr9986tAQ&ui=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&pi=/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&wi=-6850288865539203356&pt=text&vi=1623524462558&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22ln%22%3A%22below-fold%22%2C%22lx%22%3A935%2C%22ly%22%3A1116%2C%22m%22%3A%22stp%22%2C%22v%22%3A3%7D%5D%7D&tim=21%3A01%3A02.797&id=3206&llvl=1&cv=20210610-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 12 Jun 2021 19:01:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
trc-events.taboola.com/elheraldodemxico-elheraldo/log/3/ 0
230 B 59ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/elheraldodemxico-elheraldo/log/3/social?route=AM:IL:V&tvi2=-2&lti=deflated&ri=5abe59ec1828cfe1e23cc2fc779dc004&sd=v2_8c5bbf1e49070a56624848e1e10a6f89_41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee_1623524462_1623524462_CNawjgYQ6rdLGN6f5YygLyABKAEwNzjBqwhA5okQSL6G2ANQ____________AVgAYABosa_ptcr9986tAQ&ui=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&pi=/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&wi=-6850288865539203356&pt=text&vi=1623524462558&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A2%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22VIDEO%20VIRAL%3A%20Estudiante%20pide%20ir%20al%20ba%C3%B1o%20en%20clase%20virtual%20y%20maestro%20tiene%20EXPLOSIVA%20reacci%C3%B3n%22%2C%22sec%22%3A%22Noticias%22%2C%22aut%22%3A%5B%22Heraldo%20de%20M%C3%A9xico%22%5D%2C%22img%22%3A%22https%3A%2F%2Fheraldodemexico.com.mx%2Fu%2Ffotografias%2Fm%2F2020%2F5%2F23%2Ff1280x720-219327_351002_5050.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=21%3A01%3A02.839&id=3640&llvl=1&cv=20210610-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 12 Jun 2021 19:01:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 UnitSliderDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.4.3/ 94 KB
27 KB 37ms
36ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitSliderDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f84484a6fcf97a77906921b62e1c83ab13b7fa1f0c06cfe4c13a9dc2478391e4

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:03 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront), 1.1 varnish
age: 375245
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 27271
x-served-by: cache-hhn11573-HHN
last-modified: Sat, 15 May 2021 09:01:53 GMT
server: AmazonS3
x-timer: S1623524463.075443,VS0,VE0
etag: "fe9344a66ee4f5b7387ddde9997b2235"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: isJWTVav2Dt4uDMHUnGoR3X_UpQlnAeabtlh75K9yDcOBKcmMg2OjQ==
x-cache-hits: 11758

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FDD9 42 B
64 B 30ms
16ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpvKPxwPM5sOZ1UJHYk5hwpzrkGFJqszFaTo6EdrYNDPyopFC6dHeadbVzMuQA5rmRBo-Ri16joLauAkbG7-Y9hGGaIV8CdlMWug3LuFxsOYOp&sai=AMfl-YS0TrrDJK53gMlngfqZeT5_qkFcbBg-rrAhFeskzen3ASfv7meuCj2YaAnDDz_RUR-3NFyGf8753wYd0k1Xd6dlYSHMb4vhTwPbWTkEhIWL1DRfKk6fO3uYf3lDo_d7&sig=Cg0ArKJSzAB6Q8njRgtoEAE&cid=CAASFeRoaLYDzGMgd0IsYhth--jS_lhRYA&id=lidar2&mcvt=1000&p=279,436,373,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3185235966&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623524462087&dlt=22&rpt=119&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 6F76 1 KB
636 B 46ms
44ms Document
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66385105&crid=5738575&dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&cmcv=&pix=undefined&cb=1623524463362&uv=2981&tms=1623524463362&abt=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=7BA18A6CE515981872965051585&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ade1345278ff4c5b9392ac7f9f91fa204d5d6e35af4a228c534e4cc96e56eae

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66385105&crid=5738575&dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&cmcv=&pix=undefined&cb=1623524463362&uv=2981&tms=1623524463362&abt=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=7BA18A6CE515981872965051585&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://heraldodemexico.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://heraldodemexico.com.mx/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Jun 2021 19:01:03 GMT
via: 1.1 varnish
x-served-by: cache-hhn11573-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1623524463.383458,VS0,VE10
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 639A 1 KB
1 KB 35ms
33ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 7c60286cd6c79350eecfcd587c811db0c792fc00bce1a682300622200e354836

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://heraldodemexico.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://heraldodemexico.com.mx/

Response headers

server: nginx
date: Sat, 12 Jun 2021 19:01:03 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3405

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
3 KB 369ms
367ms XHR
application/json 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=5738575&noaop=3&sortOrderType=0&cb=1623524463367&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1237&pt=-2060471600&tz=120&viewable=true&ddast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2235835&dpubid=401085&abtst=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&mPre=0.033&cirf=https%3A%2F%2Fheraldodemexico.com.mx&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c434cdbf64369920bb174f8222e9c729680284ddaf5c8e95dc5c3a1fa9c0ba81

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 12 Jun 2021 19:01:03 GMT
content-encoding: gzip
access-control-allow-origin: https://heraldodemexico.com.mx
machineid: 1406
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11573-HHN
pragma: no-cache
server: nginx
x-timer: S1623524463.387124,VS0,VE332
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 34ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66385105&crid=5738575&dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&cmcv=&pix=31589837&cb=1623524463362&uv=2981&tms=1623524463362&abt=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1623524460614.7!ts:1623524463362&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:03 GMT
content-length: 0
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 639A 70 B
265 B 183ms
60ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 639A
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=88d2520a-cbb0-11eb-ab22-162d46060306&orig=video&us_privacy=1---

0
256 B

34ms
32ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=88d2520a-cbb0-11eb-ab22-162d46060306&orig=video&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Sat, 12 Jun 2021 19:01:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16807

Redirect headers

Date: Sat, 12 Jun 2021 19:01:03 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=88d2520a-cbb0-11eb-ab22-162d46060306&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 88
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 639A 43 B
146 B 91ms
29ms Image
image/gif 35.157.221.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.221.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-221-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

/ Show response
sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame 639A
Redirect Chain

https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%25%25VGUID%25%2...
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=yCPuyoJiVfBD&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1

0
124 B

33ms
33ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=yCPuyoJiVfBD&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Sat, 12 Jun 2021 19:01:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16756

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=yCPuyoJiVfBD&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-k8nvs
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6F76 70 B
264 B 173ms
61ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66385105&crid=5738575&dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&cmcv=&pix=undefined&cb=1623524463362&uv=2981&tms=1623524463362&abt=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=7BA18A6CE515981872965051585&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 6F76
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=88d3644a-cbb0-11eb-878e-1f057aaa0506&orig=video&us_privacy=1---

0
256 B

32ms
32ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=88d3644a-cbb0-11eb-878e-1f057aaa0506&orig=video&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66385105&crid=5738575&dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&cmcv=&pix=undefined&cb=1623524463362&uv=2981&tms=1623524463362&abt=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=7BA18A6CE515981872965051585&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Sat, 12 Jun 2021 19:01:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16807

Redirect headers

Date: Sat, 12 Jun 2021 19:01:03 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=88d3644a-cbb0-11eb-878e-1f057aaa0506&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 33
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 6F76 43 B
145 B 82ms
30ms Image
image/gif 35.157.221.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66385105&crid=5738575&dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&cmcv=&pix=undefined&cb=1623524463362&uv=2981&tms=1623524463362&abt=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=7BA18A6CE515981872965051585&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.221.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-221-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DB2D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

77ms
29ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Jun 2021 19:01:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Sat, 12 Jun 2021 19:01:03 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1667
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

96ms
31ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66385105&crid=5738575&dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&cmcv=&pix=undefined&cb=1623524463362&uv=2981&tms=1623524463362&abt=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=7BA18A6CE515981872965051585&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imprammp.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Jun 2021 19:01:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Sat, 12 Jun 2021 19:01:03 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 7ADE 2 KB
3 KB 106ms
48ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66385105&crid=5738575&dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&cmcv=&pix=undefined&cb=1623524463362&uv=2981&tms=1623524463362&abt=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=7BA18A6CE515981872965051585&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 53a4b14818db913b08b29af9a8c38caeb68ee63941fee0f51ccb9d1c9243226a

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imprammp.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YMUEbqePmK7P7it.MhAibgAA; CMPS=5166; CMPRO=1135; CMST=YMUEbmDFBG4A; CMRUM3=2d60c5046e2760CAESEM0-nnoe4IrqwnOHTXlwrF4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|73|221|8|156|13
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1828
Expires: Sat, 12 Jun 2021 19:01:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:03 GMT
Connection: keep-alive
Set-Cookie: CMID=YMUEbqePmK7P7it.MhAibgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Jun 2022 19:01:03 GMT CMPS=5166;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Sep 2021 19:01:03 GMT CMPRO=1135;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Sep 2021 19:01:03 GMT CMST=YMUEbmDFBG8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 13 Jun 2021 19:01:03 GMT CMRUM3=0d60c5046f05a0&dd60c5046f2760&e660c5046f2760&2d60c5046e2760CAESEM0-nnoe4IrqwnOHTXlwrF4&2760c5046f0b40&0860c5046f05a00&4960c5046f05a0&9c60c5046f05a00&f160c5046f05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Jun 2022 19:01:03 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 7ADE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMUEbqePmK7P7it-MhAibgAABG8AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMUEbqePmK7P7it-MhAibgAABG8AAAIB&dcc=t

43 B
433 B

152ms
151ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMUEbqePmK7P7it-MhAibgAABG8AAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMUEbqePmK7P7it-MhAibgAABG8AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7ADE 70 B
264 B 60ms
60ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMUEbqePmK7P7it.MhAibgAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 7ADE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMUEbqePmK7P7it-MhAibgAABG8AAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDroMXiabd9_nb9zEOfJPH4&google_cver=1

43 B
315 B

32ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDroMXiabd9_nb9zEOfJPH4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 12 Jun 2021 19:01:03 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDroMXiabd9_nb9zEOfJPH4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YMUEbqePmK7P7it-MhAibgAABG8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7ADE 43 B
840 B 104ms
35ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YMUEbqePmK7P7it-MhAibgAABG8AAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

tpid=YMUEbqePmK7P7it.MhAibgAA%261135
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 7ADE
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMUEbqePmK7P7it.MhAibgAA%261135?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMUEbqePmK7P7it.MhAibgAA%261135?gdpr_consent=&us_privacy=&gdpr=1

49 B
710 B

73ms
73ms

Image
image/gif

54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMUEbqePmK7P7it.MhAibgAA%261135?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:03 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.1.126
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:03 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMUEbqePmK7P7it.MhAibgAA%261135?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.21.21
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7ADE
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=fdf43f9d-f35e-47ab-8d42-a3824309b306&expiration=1655060464

43 B
1 KB

30ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=fdf43f9d-f35e-47ab-8d42-a3824309b306&expiration=1655060464
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 12 Jun 2021 19:01:04 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=fdf43f9d-f35e-47ab-8d42-a3824309b306&expiration=1655060464
date: Sat, 12 Jun 2021 19:01:04 GMT
server: Kestrel
content-length: 0

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 7ADE 35 B
380 B 453ms
113ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Sat, 12 Jun 2021 19:00:37 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7ADE
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=065722040076c6f0c141726e&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

31ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=065722040076c6f0c141726e&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 12 Jun 2021 19:01:03 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=065722040076c6f0c141726e&expiration=[EXPIRATION]&gdpr=1
Date: Sat, 12 Jun 2021 19:01:03 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H2 200 /
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame 7ADE 0
123 B 37ms
32ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/casale-network/1/rtb-h/?gdpr=1&taboola_hm=YMUEbqePmK7P7it-MhAibgAABG8AAAIB&orig=video&us_privacy=1---
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Sat, 12 Jun 2021 19:01:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16771

GET
H2 200 cmTagSLIDER_INSTREAM.js Show response
vidstat.taboola.com/vpaid/units/29_8_1/infra/ 642 KB
109 KB 105ms
22ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_8_1/infra/cmTagSLIDER_INSTREAM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1734334102f4f0902e6e1e872efa8c3ae27784a82cda2ef49a75f86d8c9fe8a6

Request headers

Origin: https://heraldodemexico.com.mx
Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:03 GMT
via: 1.1 varnish
age: 303131
x-amz-meta-mtime: 1623221203
x-cache: HIT
x-amz-meta-ctime: 1623221204
x-amz-meta-mode: 33188
content-encoding: br
content-length: 111407
x-amz-id-2: BNBFENb7YYTHvUTaGnBtL5qkBY3TEMKltvnLKe3xNaDt5DijqUm6EMvMk59huw/x8dgMC0Osd8w=
x-served-by: cache-hhn11550-HHN
accept-ranges: bytes
last-modified: Wed, 09 Jun 2021 06:46:45 GMT
server: AmazonS3-br
x-timer: S1623524464.837962,VS0,VE0
etag: "8009f026bd6454a4dd4010b50f52182f"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: WSTY6JY780XBMGM2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 55602

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_8_1/assets/css/ 60 KB
8 KB 35ms
35ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_8_1/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:03 GMT
via: 1.1 varnish
age: 241250
x-amz-meta-mtime: 1623221243
x-cache: HIT
x-amz-meta-ctime: 1623221243
x-amz-meta-mode: 33188
content-encoding: br
content-length: 7948
x-amz-id-2: qT4SexjAf9pZCxjuoXXikHpQqDQuHN6gD852S08Cd6pqN/iv4t1Jb/FEXDlOerr+NnPlq7QvTTc=
x-served-by: cache-hhn11573-HHN
accept-ranges: bytes
last-modified: Wed, 09 Jun 2021 06:47:24 GMT
server: AmazonS3-br
x-timer: S1623524464.765731,VS0,VE0
etag: "ab667f7a75f0ca28449b3d4701aa479a"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: C8Y850DAMD69138Y
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 564935

GET
H3-29 200 container.html Show response
3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2055 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://heraldodemexico.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://heraldodemexico.com.mx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 12 Jun 2021 19:01:01 GMT
expires: Sun, 12 Jun 2022 19:01:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DB2D 31 KB
10 KB 28ms
27ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c34427a72c83454517d14b31a7ad99d35cd96bd62c69e8e68aa06de14b6858fc

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 19:01:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:12:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35102
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9302
Expires: Sun, 13 Jun 2021 04:46:05 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 48B4 640 B
318 B 41ms
23ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNWNKQ1MWtMv1sNeQEne1s1Ezn_cFG7By5RMasqy6IDiuJFtHdZIrq9ExQ4CzEJbkEam0vP3KRZOKG0kWFcIQHD4ife7QRCqxWWdQax61xSQoQ5wxLPebC60dr3sARc9K_qByFmdCz7cvNE_rsx9r918cMWl2YXbcNhhQN3pxi22ijoTdx8

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNWNKQ1MWtMv1sNeQEne1s1Ezn_cFG7By5RMasqy6IDiuJFtHdZIrq9ExQ4CzEJbkEam0vP3KRZOKG0kWFcIQHD4ife7QRCqxWWdQax61xSQoQ5wxLPebC60dr3sARc9K_qByFmdCz7cvNE_rsx9r918cMWl2YXbcNhhQN3pxi22ijoTdx8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlG_vOHYNbfl6NJyiAcYLyS10K8K7jidYYBTEqtiJsTVr6qraHduQaowCrj; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 12 Jun 2021 19:01:03 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Jun 2021 19:01:03 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 2055 17 KB
7 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 18:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 18:41:51 GMT

GET
H3-29 200 8980984824084812770
s0.2mdn.net/simgad/ Frame 2055 61 KB
61 KB 26ms
10ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8980984824084812770

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f269942eccf95f26426c83daf9ec1d38f3180a53f28da808bf722af7b2126905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 14:48:06 GMT
x-content-type-options: nosniff
age: 15177
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62870
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 18:35:27 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 14:48:06 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 2055 6 KB
3 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 18:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 18:38:15 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2055 0
24 B 108ms
71ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXj37EPE1keKzNaSNQA_yCPSxAHecdRrwhWXcDM0gj4EhZMOcOY-T5cs9A2-9X0Fk8Mgq1uccojpaSPALhEjVeZFVShihsoUjkAqPR5dtobrIYlb917WurfrVC5SBp5DUJUlxX6Oecw5G5cmF0jwSdYTJ6AYXsGRrpbtWTFRJfiI3HnD2T8SnwdfO_7E_IdNu2gvOo3hP5jgaVaUe87cInGIn7WkiSv--Jt3ujwIKFHc7Br3BbojGd1aYkwLmpLnHa1uzp-NB1Kn78Ql5gaGr_M7k_ArxVcJxODbMEIpuDizRLxD2rYXQK3X5SwT1hvCS84fO_xOU43iZIGYtq9i8BSveM97XJ0H9dIbbBIM3Ene1W12cD6gKTR6iU9pfoBxPFXMWKk0-lh1MJS1UqdCr9mBLLoZrX7TPy0R7tXGBHKAWB_LvX-D0qY6uK8yrhzy1_UP5OvWBGqihMal1W3MeHfwF6acEM9iJioAoFqAGcB4sJILysX0kt-ASMMH7Lw43Po4OkOnXahaxlU8YnmY5ZyEhv2C1fTECLhq2pUhmd14hUxAc2VOod9uoYoyp3x6cAwXOpDGWLcnFPe09rT-LVditXdu6Y9AyhROW4ExO-4kyKaV2hBaJcl4Rqi4914KELqyyrvdqVoJg9rw2PXtdVhGhVfMhDVmzUIMnKd2HqSd-shgPjIshknGdIpPFGwFt8OOGLYmANCPUZzfO5H05Wyjw4-yPHqzulEgeBE9G8xQt2vZx6E65ceuO4pB-kYvW09-VSKTEjEziyQ_JAGsAXB8IwqI572eKEAJyIVuJc7j8aWSWzLrszkg20PjoST6AbL7uMwNmzefmMSpAzqpg5VTiPzDhEKeES19jNGMaRag6HK8xQPqRs6iAPa7yDBNPf5neskwIWXv0lmSYLFkrtNucO21rrc5sTF7q2H_ncnCdkfZqR2WGfRmystoYq223G4d80Bfbfn1VIPZ1l-Y_Ysuw_ubUCQQ-2thmscU23wwAXlJ24dQI_58kxrfN5UEGInivH_37bME1ipxDAzkZf5dQuI0ijy7_dcnJBk-EDveYSIVE_76R2Y3NBlRpCKwXLFjPP1Tu4_pGaaSiBpZhTTIv77_Z3WV4lY01OKjakmavpcznPNi_5MK0GVb8E1IqWrSepR-gOrQlrt4FkZnlK8qNGdqWgu20_&sai=AMfl-YSQxuveod-Di3b5fsTl5b9K8gy5vNyFyCXhPMjHUVyy5gYYHOfDVhe5n2CQ71jpF-oa5KcXYdn2eF0wgzWlAd5zbHlNKKaEKvgXmce-3AHfnYOn0jgPdAYLLNel8fdt3QoDyAP8oEEI2Gcm49m-45Zh8K7ImgtQJ6LyW8bRDbqSt-MDsiY1N6RSecbI_ZzJyus5NKHdiRVCTuYumRDs2X73NXWxv_3n9OlvGdJweNZY2sVDMd2D1PXMIaItHttzb0Tx9llZsFEnA0ksNdVHENJJEfxjWYdohHjgX2vLI00ntRACuphBQey_s_OWvcytxEi1Q2CWYlDRDdsCPtoxz3yYS7F1UIKbIFpOGj79H1x2QGCB1Hn02F4tJVSHhAYm_w&sig=Cg0ArKJSzOvpkbdb_o00EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.72307&adurl=

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 12 Jun 2021 19:01:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2055 41 KB
15 KB 26ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:02:24 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2055 42 B
63 B 64ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DurCSDRJaUamBJYi27ua6SlqJxLHRzdrIKNmpsIJ6deGAJ5e648SBkCBK9BzlXmmQJtPGqBWZOfXOgZcHOD5Bxb-dvoEsjUIEaLRBLRXXgmSmkDMY

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 2055 2 KB
1 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 19:00:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2055 122 KB
37 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sat, 12 Jun 2021 19:01:03 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 2055 13 KB
6 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 19:00:01 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 2055 0
0 41ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-AtOZXXCgGzZd3-J_zgn1eTFXsadXPXa5xOHXENGxAM83CavnycHIXNLU6vSCB1QK2wK9xBOpUjnpfP6ubNh6vLxD3w
Requested by: Host: 3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
URL: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 bulk Show response
trc.taboola.com/elheraldodemxico-elheraldo/log/3/ 0
304 B 106ms
98ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/elheraldodemxico-elheraldo/log/3/bulk?tvi2=-2&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 60
pragma: no-cache
date: Sat, 12 Jun 2021 19:01:03 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623524464.840159,VS0,VE60
x-served-by: cache-hhn11573-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://heraldodemexico.com.mx
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1667 31 KB
10 KB 33ms
28ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c34427a72c83454517d14b31a7ad99d35cd96bd62c69e8e68aa06de14b6858fc

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 19:01:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:12:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35102
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9302
Expires: Sun, 13 Jun 2021 04:46:05 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame DB2D 284 B
536 B 124ms
31ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
712 B 36ms
35ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 8686
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Olb+YyDQBKGh7cwueQ5LeIGsXnGNg1fxi90sFl9BDpDVxzFbv82yCyTcgo7/5nBaVt7MgHnSa+E=
x-served-by: cache-hhn11573-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1623524464.877688,VS0,VE0
date: Sat, 12 Jun 2021 19:01:03 GMT
x-amz-request-id: 5QBDV5MFESKPZMG3
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 94
x-cache-hits: 12004

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2055 0
23 B 62ms
61ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 19:01:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1667 284 B
536 B 122ms
30ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
DATA 200
OK truncated
/ Frame 2055 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3e4ee8fbcb22b3fbca6a7a60fb1b7e642c5764e6d0a28eb8a0618bf1050b8dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E1BF 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 12 Jun 2021 07:00:55 GMT
expires: Sun, 12 Jun 2022 07:00:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 48B4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOvO4WYqNplQv2ey7cBCL0o&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOvO4WYqNplQv2ey7cBCL0o&google_cver=1

43 B
172 B

50ms
50ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOvO4WYqNplQv2ey7cBCL0o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNWNKQ1MWtMv1sNeQEne1s1Ezn_cFG7By5RMasqy6IDiuJFtHdZIrq9ExQ4CzEJbkEam0vP3KRZOKG0kWFcIQHD4ife7QRCqxWWdQax61xSQoQ5wxLPebC60dr3sARc9K_qByFmdCz7cvNE_rsx9r918cMWl2YXbcNhhQN3pxi22ijoTdx8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOvO4WYqNplQv2ey7cBCL0o&google_cver=1
date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 google
server: OXGW/16.208.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 48B4
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc3OTRmOWMtYTZkNC0yMjUwLWMwOGEtNjE0OTk2NjgyZTdk

170 B
188 B

35ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc3OTRmOWMtYTZkNC0yMjUwLWMwOGEtNjE0OTk2NjgyZTdk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNWNKQ1MWtMv1sNeQEne1s1Ezn_cFG7By5RMasqy6IDiuJFtHdZIrq9ExQ4CzEJbkEam0vP3KRZOKG0kWFcIQHD4ife7QRCqxWWdQax61xSQoQ5wxLPebC60dr3sARc9K_qByFmdCz7cvNE_rsx9r918cMWl2YXbcNhhQN3pxi22ijoTdx8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 12 Jun 2021 19:01:04 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc3OTRmOWMtYTZkNC0yMjUwLWMwOGEtNjE0OTk2NjgyZTdk
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 48B4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESECkKTsG2t9dz6bIwPC5jvmc&google_cver=1

23 B
172 B

59ms
59ms

Image
image/gif

184.31.88.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESECkKTsG2t9dz6bIwPC5jvmc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNWNKQ1MWtMv1sNeQEne1s1Ezn_cFG7By5RMasqy6IDiuJFtHdZIrq9ExQ4CzEJbkEam0vP3KRZOKG0kWFcIQHD4ife7QRCqxWWdQax61xSQoQ5wxLPebC60dr3sARc9K_qByFmdCz7cvNE_rsx9r918cMWl2YXbcNhhQN3pxi22ijoTdx8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 12 Jun 2021 19:01:04 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESECkKTsG2t9dz6bIwPC5jvmc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 48B4
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzJhNTdlMmU2ZWE1NGM4ZTg0M2JkYjY1YWZlNzYxYzY2YWIwMmI3ZQ==

170 B
188 B

38ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzJhNTdlMmU2ZWE1NGM4ZTg0M2JkYjY1YWZlNzYxYzY2YWIwMmI3ZQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzJhNTdlMmU2ZWE1NGM4ZTg0M2JkYjY1YWZlNzYxYzY2YWIwMmI3ZQ==
cache-control: max-age=0, no-cache, no-store
content-length: 197
expires: Sat, 12 Jun 2021 19:01:04 GMT

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
18 KB 36ms
35ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_8_1/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront), 1.1 varnish
age: 374885
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-hhn11573-HHN
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1623524464.024173,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: uLtDvYeBQUIoIf-X-8AOILLBk-vA8un2c3VNoVVtp_f1HfDPWL75vQ==
x-cache-hits: 561159

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame E1BF 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 15:57:40 GMT

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 35ms
34ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_8_1/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront), 1.1 varnish
age: 242647
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn11573-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1623524464.143539,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: gMac7oPnGnLwMTPr8ZTp3wXPxJLROynfM1c1ULf482PWoHTcQG1zPg==
x-cache-hits: 795134

GET
H2 200 oppsula.js Show response
vidstat.taboola.com/oppsula/1.3.8/ 15 KB
5 KB 35ms
34ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_8_1/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront), 1.1 varnish
age: 240118
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 5164
x-served-by: cache-hhn11573-HHN
last-modified: Tue, 14 Apr 2020 06:07:12 GMT
server: AmazonS3
x-timer: S1623524464.145936,VS0,VE0
etag: "328b70146f77a19d2bc0172c656d921e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: qE_d6Nf3Ndm5RMFgkH_ZcAhVvsoEdRscg732h8tqdSrhtgNePaDebA==
x-cache-hits: 598333

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
3 KB 35ms
34ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_8_1/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age: 328971
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-hhn11573-HHN
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1623524464.146142,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits: 583293

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/ 548 KB
112 KB 36ms
35ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_8_1/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 3126d150fd08c7eeddc887b0e8dcdbb261a479a83742f11067bbc1eaec606de2

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 varnish
age: 381537
x-amz-meta-mtime: 1623142846
x-cache: HIT
x-amz-meta-ctime: 1623142860
x-amz-meta-mode: 33188
content-encoding: br
content-length: 114700
x-amz-id-2: +StiEtnWkgonLs/uNY3PL/noOFfK0Mr16EMCb9Bjyyg5aIIxhb/rLvR4qNnnmXdeKY46CeI7OOE=
x-served-by: cache-hhn11573-HHN
accept-ranges: bytes
last-modified: Tue, 08 Jun 2021 09:01:01 GMT
server: AmazonS3-br
x-timer: S1623524464.176122,VS0,VE0
etag: "6939345aa1679c2773fb064ffb237d21"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: NZSJ5K4XST2KD2ZX
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 405711

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 0C65 1 KB
1 KB 36ms
33ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_8_1/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 3e55b72ff8b92a576db7d52cf714a484f6e8828fb8cb89eb9b46d91c048e5175

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://heraldodemexico.com.mx/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=13fec2da-d632-4b8e-bdcd-6f43267adf44-tuct7be89ef
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://heraldodemexico.com.mx/

Response headers

server: nginx
date: Sat, 12 Jun 2021 19:01:04 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3403

GET
H2 200 loading2.png
vidstat.taboola.com/assets/ 24 KB
24 KB 38ms
35ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/loading2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront), 1.1 varnish
age: 375850
x-amz-meta-mtime: 1498646328
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-length: 24300
x-served-by: cache-hhn11573-HHN
last-modified: Sun, 02 Jul 2017 14:25:04 GMT
server: AmazonS3
x-timer: S1623524464.215618,VS0,VE0
etag: "ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: *
x-amz-cf-id: zwdr7Dzuy2kVbKWWTSqHNgBjo5VT5u7K4Tm8fY2KTkQ7r5MsCiaHWg==
x-cache-hits: 124735

GET
H2 200 replay-button.svg
vidstat.taboola.com/assets/ 1 KB
922 B 39ms
36ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront), 1.1 varnish
age: 328934
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 701
x-served-by: cache-hhn11573-HHN
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1623524464.216564,VS0,VE0
etag: "e871e80b457ead7801d3bbe63b25c4fb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: b_2YSz_xJ_vlRCCaxiIFf95Q8jxCjwLOwkr1CwY6cuNKztnK2Kc5vw==
x-cache-hits: 106648

GET
H2 200 replay-button-hover.svg
vidstat.taboola.com/assets/ 1 KB
981 B 38ms
35ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button-hover.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront), 1.1 varnish
age: 1071825
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 709
x-served-by: cache-hhn11573-HHN
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1623524464.216531,VS0,VE0
etag: "ae0344bce724db935e4f7ba6573ee516"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: BvOIM6Ru-sj1Zuk8Pv4KwWWtNjjN_qkQBQVKUVBbjGSvlxOJWOiTWQ==
x-cache-hits: 107710

GET
H2 200 learn-more-button.svg
vidstat.taboola.com/assets/ 2 KB
1 KB 38ms
34ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront), 1.1 varnish
age: 1089855
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 634
x-served-by: cache-hhn11573-HHN
last-modified: Wed, 13 Feb 2019 09:30:12 GMT
server: AmazonS3
x-timer: S1623524464.220576,VS0,VE0
etag: "3132e8c3bdd274efa7ce1531ec89580d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: oN72cAAVKwvn1GJ4MZDIQi3y4vHm--RqZWj9LNg2dBhXT141wINHrw==
x-cache-hits: 111917

GET
H2 200 learn-more-button-hover.svg
vidstat.taboola.com/assets/ 2 KB
950 B 38ms
35ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront), 1.1 varnish
age: 238758
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 660
x-served-by: cache-hhn11573-HHN
last-modified: Wed, 13 Feb 2019 09:30:11 GMT
server: AmazonS3
x-timer: S1623524464.221166,VS0,VE0
etag: "b14888c73642ebc29c1451727eb1eb8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: uTOvG30XX1olww3k-fRrEE1dbLZVWgoR6X9MK1J-k37bqJwb4hjeKQ==
x-cache-hits: 108694

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 38ms
36ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: heraldodemexico.com.mx
URL: https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
etag: "11d8569a7da0739259e3ac0b0d666e94"
age: 111
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: WT0aCOze7suP/jRJBrx5+aMxHCB+uiJIOC4VN0rROscddPObGehvQsST3RfkJ+G+m4USU6a52bE=
x-served-by: cache-hhn11573-HHN
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1623524464.221215,VS0,VE0
date: Sat, 12 Jun 2021 19:01:04 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: D2SYGVBWK128EEQK
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 94
x-cache-hits: 192

GET
BLOB 206
Partial Content 0847e2f7-ee53-46c5-b12c-d34e68d96c19
https://heraldodemexico.com.mx/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldodemexico.com.mx/0847e2f7-ee53-46c5-b12c-d34e68d96c19
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 171e25c9-1324-4245-8ee9-b0a4c9f49da8
https://heraldodemexico.com.mx/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldodemexico.com.mx/171e25c9-1324-4245-8ee9-b0a4c9f49da8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H/1.1 200
OK 7042993 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 120ms
57ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7042993?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d47d771a782b86bf4f1253a530a143b110963c587f06b743e9e5259b7f80ccb7

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://heraldodemexico.com.mx
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1062
x-sticky-vk: 1623524464405008-349
Expires: Sat, 12 Jun 2021 19:01:04 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0C65 70 B
264 B 62ms
60ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame 0C65 43 B
145 B 32ms
29ms Image
image/gif 35.157.221.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.221.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-221-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0B42
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

31ms
31ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Jun 2021 19:01:04 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Sat, 12 Jun 2021 19:01:04 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

/ Show response
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 8831
Redirect Chain

https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=3c2c7f75-85a2-4da3-a7c4-3a76fdf744a9

0
124 B

34ms
33ms

Document
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=3c2c7f75-85a2-4da3-a7c4-3a76fdf744a9
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync-t1.taboola.com
:scheme: https
:path: /sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=3c2c7f75-85a2-4da3-a7c4-3a76fdf744a9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://am-match.taboola.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=13fec2da-d632-4b8e-bdcd-6f43267adf44-tuct7be89ef
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

server: nginx
date: Sat, 12 Jun 2021 19:01:04 GMT
tbl-x-upstream: 10.41.14.127:10213
x-fastly-to-nlb-rtt: 21469
access-control-allow-credentials: true

Redirect headers

vary: Accept, Accept-Encoding
set-cookie: i=68baa30f-c624-4303-8fbc-f31838add3e0|1623524464; Version=1; Expires=Sun, 12-Jun-2022 19:01:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=3c2c7f75-85a2-4da3-a7c4-3a76fdf744a9
date: Sat, 12 Jun 2021 19:01:04 GMT
content-type: text/html
content-length: 0
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum.casalemedia.com/ Frame 6AA2 2 KB
3 KB 91ms
39ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 664d0a9f8efb24b8e4743ea015517260e4c03c6640fc6831d47ce512c6e22354

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YMUEbqePmK7P7it.MhAibgAA; CMPS=5166; CMPRO=1135; CMST=YMUEbmDFBHAA; CMRUM3=0d60c5046f2760065722040076c6f0c141726e&e660c5046f2760&dd60c5046f2760&4960c5046f05a0&0860c504702760fdf43f9d-f35e-47ab-8d42-a3824309b306&2d60c5046e2760CAESEM0-nnoe4IrqwnOHTXlwrF4&2760c5046f0b40&9c60c5046f05a00&f160c5046f05a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 46|130|4|88|39|206|3|111
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1719
Expires: Sat, 12 Jun 2021 19:01:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Connection: keep-alive
Set-Cookie: CMID=YMUEbqePmK7P7it.MhAibgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Jun 2022 19:01:04 GMT CMPS=5166;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Sep 2021 19:01:04 GMT CMPRO=1135;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Sep 2021 19:01:04 GMT CMRUM3=6f60c5047005a0&0460c5047005a0&4960c5046f05a0&2d60c5046e2760CAESEM0-nnoe4IrqwnOHTXlwrF4&f160c5046f05a0&9c60c5046f05a00&2e60c5047005a0&0d60c5046f2760065722040076c6f0c141726e&ce60c5047005a0&e660c5046f2760&5860c5047005a0&dd60c5046f2760&8260c50470a8c0&0860c504702760fdf43f9d-f35e-47ab-8d42-a3824309b306&2760c504700b40&0360c5047005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Jun 2022 19:01:04 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0B42 31 KB
10 KB 27ms
26ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c34427a72c83454517d14b31a7ad99d35cd96bd62c69e8e68aa06de14b6858fc

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 19:01:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:12:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35101
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9302
Expires: Sun, 13 Jun 2021 04:46:05 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 3991 328 KB
111 KB 35ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 19:01:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1623524464.dop029.fr8.t,1623524464.cds167.fr8.shn,1623524464.cds167.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0B42 284 B
536 B 29ms
28ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 6AA2 0
0 115ms
43ms Image
text/html 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 6AA2 43 B
430 B 251ms
65ms Image
image/gif 52.210.44.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.44.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6AA2
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3234918226662926002

43 B
1 KB

37ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3234918226662926002
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 12 Jun 2021 19:01:04 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3234918226662926002
pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6AA2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YMUEcAABqv6mJwAC
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMUEcAABqv6mJwAC&gdpr=1&_test=YMUEcAABqv6mJwAC

43 B
1 KB

30ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMUEcAABqv6mJwAC&gdpr=1&_test=YMUEcAABqv6mJwAC
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 12 Jun 2021 19:01:04 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1623524465.713630,VS0,VE0
x-served-by: cache-hhn4072-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMUEcAABqv6mJwAC&gdpr=1&_test=YMUEcAABqv6mJwAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6AA2 70 B
264 B 65ms
63ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YMUEbqePmK7P7it.MhAibgAA&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame 6AA2 0
234 B 356ms
34ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YMUEbqePmK7P7it-MhAibgAABG8AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6AA2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a5960c5-0470-4200-9c17-d383fa14dda3&gdpr=1&gdpr_consent=

43 B
1 KB

39ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a5960c5-0470-4200-9c17-d383fa14dda3&gdpr=1&gdpr_consent=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 12 Jun 2021 19:01:04 GMT

Redirect headers

Date: Sat, 12 Jun 2021 19:01:03 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4a5960c5-0470-4200-9c17-d383fa14dda3&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 12 Jun 2021 19:01:02 GMT

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 6AA2 0
331 B 1129ms
34ms Image
text/plain 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:05 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 /
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame 6AA2 0
124 B 33ms
32ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/casale-network/1/rtb-h/?gdpr=1&taboola_hm=YMUEbqePmK7P7it-MhAibgAABG8AAAIB&orig=video&us_privacy=1---
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Sat, 12 Jun 2021 19:01:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20868

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1BF 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrrSrbgTFYIS3AoXX7_UPxomv8AsAAAAAOAHgBAI&bg=!dXaldjLNAAY6sG-_OrA7ACkAdvg8Wmg6UQ-xUlB8znd5mwIpy08Rg27PghtPENh_Ahfvj77VHspwsgIAAAGYUgAAACJoAQeZAswMgO1X7yoPh3ASJNAN_DNzU8XMcOjJR4G93Fbv_hewChefzBx2Cho1srnufo0IF2IvYzjzreXXLjwhHpCNcA0e0tflqUU-MMlI5HnRJ1a5SwjKXUm_nZynJOYdV8ZjysKhF6EL1qGlXZw1NTa0dtTtrw8gpkqOhVloGT3Lkfblgkaw_gnD8P4qLt7lglNZZpHyD43neDqbalbKweezSDzMVhP4RjYCaXDkGEL25WRiyahQaZnFg0dTa2En_aLk0H4p8jWYq4BX2y5ylGeAOzWwb8eVluOYotrHlWcjzGIOvrONyIVhVjXj0rouXGWbR16FCyzc-qvcg1cRZ42xb0ZqPLZHRna-NdUDQOpbvYx84opJdCU508GQBP1dU_dEZQv1wtFXzcTtdv9zUrOe8RrjeYLc0ktLCpJB5M8WW-tWZY2BJUcdkvoD6pD0pxjFiQuoAnjbxaqCvzOrHRCBNQ4rQrE1StSGvfz_tPYB3swGmih4nVRnd4h082BF9K7ohdcNPjnb6IFFAr9gpEHvyukmSGZcRcX63ewc0P0GRoFU7ZNtkr-hU-sw9KwV3aDak2dl7ZuJ1oVYnrGgQ8E1aMlw-ezU7_zhw9Wr6GULCdNMx1CymuzOOnDv_JQhY8yNNPaM7JbIR9G8g7FjMnVkuUFu_BY94mXuXQFy04sJWatNC3ROPyP9u_A00bdVj3vlwKr3J8VP2zMFLHI2CWiW-wdKuhW8xb2IUjMGn04RO2OpXJDkPt1PLc9mzLkp-D--lyrdH6vIBalu9JNq5KQm9NQ57o2Pgj4UwpY_I1AhMQpOMkCpGLR4w8OPBBw8x3Ef2bZO85cmEqJG7HLGisax_VFEgkf59HU5NgfbCre0JDIwoTAq6NlGQYIFAxDISNJobhsLtv6GTQIOyIWCBASfn2EbeobtemYmzrG6g_4PspcR9EGYkgToonEcY7FQyQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 3991 25 KB
25 KB 34ms
8ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1623524464534
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 19:01:04 GMT
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1623524464.dop141.fr8.t,1623524464.cds133.fr8.shn,1623524464.cds133.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://heraldodemexico.com.mx
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

/
c1.adform.net/serving/cookie/match/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=91339865ba661e29a57ed1497dc912de&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l058d_6972984477136705496
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFpxS7YTDFyBbvSvVPbdQ4Y&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=537d416b-ac0b-45d9-8a13-4bc076fa76d5
https://pr-bh.ybp.yahoo.com/sync/stickyads/91339865ba661e29a57ed1497dc912de&gdpr=0&gdpr_consent=?
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-9rYm1rZE2oMgXSyIRc1VNbqNuY9qZQjYKop7zPi1~A
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=91339865ba661e29a57ed1497dc912de&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1bf6_6972984481431067511
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=&google_tc=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEN12-yJTralarThKkSmIfyY&google_cver=1&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID%26gdpr%3D0%26gdpr_...
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2909113094865538082&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=8e0560c5-0471-4b00-b95c-281de024359a&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 3991 301 B
863 B 75ms
51ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7042993&loc=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: nginx
Access-Control-Allow-Origin: https://heraldodemexico.com.mx
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1623524464542061-90
Expires: Sat, 12 Jun 2021 19:01:04 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 3991 67 B
728 B 177ms
115ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7042993&_fw_gdpr=1&_fw_us_privacy=1---&vav=bddd354aed41580da3596335a8af0b99&vaviv=c6e1f07e869c40aa46e21afe44de1c10&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://heraldodemexico.com.mx
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1623524464679001-417
Expires: Sat, 12 Jun 2021 19:01:04 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1623524464595049-425
Expires: Sat, 12 Jun 2021 19:01:04 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

151ms
150ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1623524464627087-118
Expires: Sat, 12 Jun 2021 19:01:04 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 2208
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a3e5d9e1-9c37-408a-9986-d6f743e49531
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a3e5d9e1-9c37-408a-9986-d6f743e49531&tbid=13fec2da-d632-4b8e-bdcd-6f43267adf44-tuct7be89ef&query=taboola_hm%3Da3e5d9e1-9c37-...

0
76 B

45ms
44ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a3e5d9e1-9c37-408a-9986-d6f743e49531&tbid=13fec2da-d632-4b8e-bdcd-6f43267adf44-tuct7be89ef&query=taboola_hm%3Da3e5d9e1-9c37-408a-9986-d6f743e49531&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623524465.240602,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11573-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a3e5d9e1-9c37-408a-9986-d6f743e49531&tbid=13fec2da-d632-4b8e-bdcd-6f43267adf44-tuct7be89ef&query=taboola_hm%3Da3e5d9e1-9c37-408a-9986-d6f743e49531&isDirect=0
tbl-x-upstream: 10.41.10.104:10213
date: Sat, 12 Jun 2021 19:01:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18853

GET
H2 200 sd
u.openx.net/w/1.0/ Frame 2208 43 B
106 B 55ms
48ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2208 0
239 B 3171ms
30ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2

200

rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 2208
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f2c8b428-7b71-52a3-978c-a6bdf749a2ce

0
256 B

33ms
32ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f2c8b428-7b71-52a3-978c-a6bdf749a2ce
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Sat, 12 Jun 2021 19:01:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18458

Redirect headers

location: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f2c8b428-7b71-52a3-978c-a6bdf749a2ce
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 101956
jadserve.postrelease.com/suid/ Frame 2208 43 B
427 B 1485ms
150ms Image
image/gif 52.21.23.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.23.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:06 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 2208
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=llNmzxE4HNHL&ev=1&orig=trc&pid=562107

0
247 B

33ms
32ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=llNmzxE4HNHL&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Sat, 12 Jun 2021 19:01:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19508

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=llNmzxE4HNHL&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-k8nvs
expires: -1

GET
H2

200

/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 2208
Redirect Chain

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1372691902139430745&orig=trc

0
255 B

33ms
32ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1372691902139430745&orig=trc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Sat, 12 Jun 2021 19:01:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19898

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.232:80
AN-X-Request-Uuid: a079b023-193a-491c-a0f2-c69453d89ded
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1372691902139430745&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 2208
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK7HaETX_DAvwGHz0y6ahNE&google_cver=1

0
207 B

98ms
97ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK7HaETX_DAvwGHz0y6ahNE&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 63
date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623524465.837580,VS0,VE63
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11573-HHN

Redirect headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK7HaETX_DAvwGHz0y6ahNE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 2208 42 B
545 B 3152ms
43ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee:$UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:06 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:355
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2208
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=13fec2da-d632-4b8e-bdcd-6f43267adf44-tuct7be89ef

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=13fec2da-d632-4b8e-bdcd-6f43267adf44-tuct7be89ef

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=13fec2da-d632-4b8e-bdcd-6f43267adf44-tuct7be89ef
tbl-x-upstream: 10.41.14.95:10213
date: Sat, 12 Jun 2021 19:01:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20338

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 2208
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=537d416b-ac0b-45d9-8a13-4bc076fa76d5

0
60 B

94ms
94ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=537d416b-ac0b-45d9-8a13-4bc076fa76d5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 60
date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623524465.925944,VS0,VE60
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11573-HHN

Redirect headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:04 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=537d416b-ac0b-45d9-8a13-4bc076fa76d5
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 2208
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

40ms
40ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:04 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 2208 49 B
333 B 124ms
120ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-8474b759f8-k8nvs
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 2208 43 B
697 B 3157ms
38ms Image
image/gif 185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:07 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 2208 0
59 B 1207ms
32ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:05 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2208
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=13c57ad1-5305-4716-8b0a-4a837981b78e

0
255 B

33ms
32ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=13c57ad1-5305-4716-8b0a-4a837981b78e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Sat, 12 Jun 2021 19:01:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19158

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
date: Sat, 12 Jun 2021 19:01:04 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=13c57ad1-5305-4716-8b0a-4a837981b78e
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1701
content-type: text/html; charset=utf-8
content-length: 222
expires: Sat, 12 Jun 2021 00:00:00 GMT

GET

ibs:dpid=121998&dpuuid=dfdbca0ff1f6e82756acbd80d4c27cb7&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
dpm.demdex.net/ Frame 2208
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOMOxaJr9Ci7d6Gg7JWBdemu16U4zt_ViYPEUmxQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOMOxaJr9Ci7d6Gg7JWBdemu16U4zt_ViYPEUmxQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=fd9b0bcc-2210-4792-af3f-0b5c0a8689a7&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/5/3.gif?puid=dfdbca0ff1f6e82756acbd80d4c27cb7&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/4/4.gif?puid=f1fee9ee-b761-4c06-8eda-b5c10b85de9d&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/3/5.gif?puid=c6b69c93-e0d6-414e-a0bb-4ea008c71c00&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/146/2/6.gif?puid=f57aab1d-657d-4a6d-8ce8-5594d5835406&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/1/7.gif?puid=e_9b0b94a2-df0e-471f-9f71-8deb2d1d3c1d&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=dfdbca0ff1f6e82756acbd80d4c27cb7&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gd...

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 2208
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YZXPjnp0BESmnnqzcQTFYA

0
247 B

33ms
33ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YZXPjnp0BESmnnqzcQTFYA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.104:10213
date: Sat, 12 Jun 2021 19:01:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18709

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YZXPjnp0BESmnnqzcQTFYA
date: Sat, 12 Jun 2021 19:01:05 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 2208 35 B
380 B 113ms
112ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Sat, 12 Jun 2021 19:00:38 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 2208
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=188&user_id=dr-5zyhKQ8tyijxt21EzZlm7vcQ&user_group=1&ssp=taboola&gdpr=0
https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=dr-5zyhKQ8tyijxt21EzZlm7vcQ&user_group=1&ssp=taboola&gdpr=0
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=cc35da46-63e5-435f-ac1a-ba09f9ff9ac5

0
255 B

33ms
32ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=cc35da46-63e5-435f-ac1a-ba09f9ff9ac5
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Sat, 12 Jun 2021 19:01:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19002

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=cc35da46-63e5-435f-ac1a-ba09f9ff9ac5
date: Sat, 12 Jun 2021 19:01:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 36ms
34ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 095ba66d80bd93cf592c11fd72a723dfe5ab5f8da183e54063f50e9ba215094b

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cZudbZahPOBsYvDOdnPtkk7eaBsnPiYA
content-encoding: gzip
etag: "be95692a7dfb1dc3e8629518230a5ec3"
age: 12560
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 899
x-amz-id-2: r6l3tKy2bpJUs2hDEPModElWrdrPvnCgDH9URgDwWqurcptvZXS47FQLozu4toPKdKPNOpwdjow=
x-served-by: cache-hhn11573-HHN
last-modified: Wed, 09 Jun 2021 22:03:44 GMT
server: AmazonS3
x-timer: S1623524465.802592,VS0,VE0
date: Sat, 12 Jun 2021 19:01:04 GMT
vary: Accept-Encoding
x-amz-request-id: MX4Q6N7CBJ0TZF9W
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 94
x-cache-hits: 474095

GET
H2 200 / Show response
pips.taboola.com/ 4 B
127 B 37ms
28ms XHR
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:04 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-hhn11550-HHN
access-control-allow-methods: GET
access-control-allow-origin: https://heraldodemexico.com.mx
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 3353ms
106ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=41dcc926-d669-4f6c-8865-8b83d14acae1-tuct7be89ee
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 12 Jun 2021 19:01:08 GMT
Cache-Control: no-store
Server: nginx
Connection: close

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
3 KB 129ms
129ms XHR
application/json 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=5738575&noaop=3&sortOrderType=0&cb=1623524468509&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1237&pt=-2060471600&tz=120&viewable=true&ddast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2235835&dpubid=401085&abtst=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&mPre=0.033&cirf=https%3A%2F%2Fheraldodemexico.com.mx&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a4ed81033179108881ffefdba9bc105af580ab941f3605c34bfc5e37f743f93

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 12 Jun 2021 19:01:08 GMT
content-encoding: gzip
access-control-allow-origin: https://heraldodemexico.com.mx
machineid: 1459
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11573-HHN
pragma: no-cache
server: nginx
x-timer: S1623524469.528564,VS0,VE95
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 7042993 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 51ms
50ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7042993?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c1ed9791a2807c110a7157edffac66a3f90f5e25ae92c3e76dd36534f8fa1fa

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:08 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://heraldodemexico.com.mx
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1062
x-sticky-vk: 1623524468655012-21
Expires: Sat, 12 Jun 2021 19:01:08 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 34ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66385105&crid=5738575&dast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&cmcv=&pix=31579697&cb=1623524468704&uv=2981&tms=1623524468704&su=&abt=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&ft=0&unm=SLIDER_INSTREAM&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:01:08 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 69F2 328 KB
111 KB 7ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 19:01:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1623524464.dop029.fr8.t,1623524468.cds167.fr8.shn,1623524468.cds167.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 69F2 25 KB
25 KB 6ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1623524468728
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 19:01:08 GMT
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1623524464.dop141.fr8.t,1623524468.cds133.fr8.shn,1623524468.cds133.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://heraldodemexico.com.mx
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H/1.1

200
OK

stv
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&gdp...
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YMUEdAABf9aQQABg&gdpr=1&gdpr_consent=null&_test=YMUEdAABf9aQQABg
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=1&gdpr_consent=null
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=1&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=1yMSiyef1LS8Sx5&gdpr=1&gdpr_consent=null
https://match.prod.bidr.io/cookie-sync/stv?gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null

43 B
430 B

61ms
61ms

Image
image/gif

52.210.44.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/stv?gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.44.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:09 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:09 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.prod.bidr.io/cookie-sync/stv?gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1623524468946077-80
Expires: Sat, 12 Jun 2021 19:01:09 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 69F2 301 B
864 B 57ms
57ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7042993&loc=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:08 GMT
Server: nginx
Access-Control-Allow-Origin: https://heraldodemexico.com.mx
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1623524468712031-345
Expires: Sat, 12 Jun 2021 19:01:08 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 69F2 67 B
728 B 112ms
111ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7042993&_fw_gdpr=1&_fw_us_privacy=1---&vav=af4f900bf9ba45e3df0b81da16c4aed0&vaviv=515d060268a52749b1d56072a6239641&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:08 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://heraldodemexico.com.mx
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1623524468716033-428
Expires: Sat, 12 Jun 2021 19:01:08 GMT

GET user-matching
ads.stickyadstv.com/ Frame 69F2 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

150ms
150ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:08 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:08 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1623524468767028-422
Expires: Sat, 12 Jun 2021 19:01:08 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:08 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1623524468655086-21
Expires: Sat, 12 Jun 2021 19:01:08 GMT

POST
H2 200 OpportunityServlet Show response
am-vid-events.taboola.com/ 1 B
126 B 120ms
53ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://heraldodemexico.com.mx
date: Sat, 12 Jun 2021 19:01:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 4 KB
3 KB 93ms
92ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=5738575&noaop=3&sortOrderType=0&cb=1623524473512&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1237&pt=-2060471600&tz=120&viewable=true&ddast=V7Pc8CFgPtnB-rcSibTATtnB-rcSibTAUAAAAGBjsHGzdhMIYL2obFWqyWw8VwN1nOVoPVYjVcDWHjJgzGcEHbsFiL1XK4GO4Wu9FksZxsBqMpOEzZaXJZDmqBrGly-d0QiImm0-Fz3euFLsvDbPKbXG6X8enx2zV-t11t_ItedpPL7nE6PH_JYDLYq_aSzV72NLn8btnT8jC7VZ7T6-R02E0vt-BpcrmVlrfC7JY47H63yu7WmB2el1v2tJxeD7Nb7XB5Tpe_W_R02V1ulfFw9nuetodb8nJ4PE6_3a3YDVeD4VxoepvtAAAAAPAAcAX5BPEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYDgHqgBkMNhAJeHz_XyBwDAQwEIAIAABgmAgUdvCYBIx-4JAAAAAAAAAADL____f8wAPX20zEA91lMPwIMPwANRgWoRIwAAAICs3V7io0mdUFlUAQAQpFsBXAEABOgFZEa5hgEAABSMLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NCGkI9e0oDOuFLVfQACAtV9AAAA2dQMAeAuACzqCVgwGqwuI2QEAAADc_f___-uB4MY1sdgcK9NysBssXLPZZDQcDVeOlWOwsM2My-3RVq3q7vz26fY5TNlpclkOaoGsaXL57Tdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOEQYWow8HudkthbZZsu1aGbbuIXD2WotnBg3I8do4XG4HGvR62P6TVzG5crlRcGAzr0ILtKJymx0WR5mk9_kchufHr9bZTa6LA-zyW8RSzQni3Qiu-yLG9fEYnOsTMvBbrBwzWaT0XA0XDlWjsHCNjMu96XFyONxTmZrkW22XItmto1bOJyt1sKJcTNyjBYeh8uxFr0-pt_EZVyuXP7GbLJZTUaj2WTfmE02q8loNJvsO3SG7-pzNmqTk5lHp81cy-bPzHxQuAwW7069Whi_o4O19zo6ZdqOsqAz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR6MilgiOF2kE9HLeLqIJZKnRTpRLSwu13LlcQwnw43N5VhZNhuPZebx7ZYjj2EwmoglStNFOtGLXnaTy-5xOjx_yWAy2Kv2ks1e9jS5_G7Z0_Iwu1We0-vkdNhNL7fgaXK5lZa3wuyWOOx-t8ru1pgdnpdb9rScXg-zW-1weU6Xv1v0dNldbpXxcPZ7nraHW_JyeDxOv92t2A1Xg-FcaHqbLeo_OuByrhju5orhcq5YzlYJAAAAAAAAAGAJc-ZNAAAAAE4DGiwGw9VyASS21XWBRQAAAAAAAIobP9Yos9FleZhNfpPLbXx6_G6V2eiyPMwmv5UBJLbRmTd7Joi1Wi1rAAAAAWwAAIAAbt28BWIwcg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2235835&dpubid=401085&abtst=206725b_vA!aat1_vB!adh5c-1_vA!insc_vA!ntvc_vB!rfe_vD!spa2_vB!t45!vzr_vB&mPre=0.033&cirf=https%3A%2F%2Fheraldodemexico.com.mx&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 1a45f62d43c01c6bad8ca8bec4545b167c5b5be7f6592d56c6c7bf3023f1f57e

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:13 GMT
content-encoding: gzip
server: nginx
machineid: 1469
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://heraldodemexico.com.mx
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 7042993 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 56ms
55ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7042993?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5d4d1fa6cd45fa50be504afd2dcbbe4950a98f863a38992bb4e7ff9027496295

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:13 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://heraldodemexico.com.mx
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1062
x-sticky-vk: 1623524473627040-126
Expires: Sat, 12 Jun 2021 19:01:13 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 4ED1 328 KB
111 KB 7ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 19:01:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1623524464.dop029.fr8.t,1623524473.cds167.fr8.shn,1623524473.cds167.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET auto-user-sync
ads.stickyadstv.com/ Frame 4ED1 0
0

GET
H2

403

/
c1.adform.net/serving/cookie/match/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null

0
330 B

34ms
34ms

Image
text/plain

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:13 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:13 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1623524473573075-3
Expires: Sat, 12 Jun 2021 19:01:13 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 4ED1 301 B
864 B 54ms
54ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7042993&loc=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:13 GMT
Server: nginx
Access-Control-Allow-Origin: https://heraldodemexico.com.mx
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1623524473744021-126
Expires: Sat, 12 Jun 2021 19:01:13 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 4ED1 67 B
728 B 126ms
94ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7042993&_fw_gdpr=1&_fw_us_privacy=1---&vav=4f93e4231c8f5b6b57e564e583491040&vaviv=3f1a369ea8048fd6da2710dcd87d1064&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fheraldodemexico.com.mx%2Ftendencias%2F2020%2F5%2F23%2Fvideo-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:13 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://heraldodemexico.com.mx
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1623524473765009-406
Expires: Sat, 12 Jun 2021 19:01:13 GMT

GET user-matching
ads.stickyadstv.com/ Frame 4ED1 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 19:01:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:13 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTEzMzk4NjViYTY2MWUyOWE1N2VkMTQ5N2RjOTEyZGU=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1623524473795004-118
Expires: Sat, 12 Jun 2021 19:01:13 GMT

GET user-matching
ads.stickyadstv.com/ Frame 4ED1 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

150ms
150ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:13 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 19:01:13 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=91339865ba661e29a57ed1497dc912de&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1623524473853001-126
Expires: Sat, 12 Jun 2021 19:01:13 GMT

POST
H2 200 OpportunityServlet Show response
am-vid-events.taboola.com/ 1 B
125 B 35ms
35ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.7/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://heraldodemexico.com.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://heraldodemexico.com.mx
date: Sat, 12 Jun 2021 19:01:14 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=dfdbca0ff1f6e82756acbd80d4c27cb7&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Verdicts & Comments Add Verdict or Comment

299 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heraldodemexico.com.mx/	1970-01-20 04:20:20	Name: __gads Value: ID=53290001f8a91e1a-22ad29f35ec80044:T=1623524461:S=ALNI_MaojD-h-ASc0IaGJyXuNCyi6j8YAw
heraldodemexico.com.mx/	1970-01-19 18:58:46	Name: _tb_sess_r Value:
.heraldodemexico.com.mx/	1970-01-19 18:58:44	Name: _gat Value: 1
.heraldodemexico.com.mx/	1970-01-19 19:00:10	Name: _gid Value: GA1.3.568348014.1623524461
.heraldodemexico.com.mx/	1970-01-20 12:29:56	Name: _ga Value: GA1.3.1431762672.1623524461

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/v0.js(Line 6) Message: Powered by AMP âš¡ HTML â€“ Version 2106030132000 https://heraldodemexico.com.mx/tendencias/2020/5/23/video-viral-estudiante-pide-ir-al-bano-en-clase-virtual-maestro-tiene-explosiva-reaccion-178508.html
console-api	warning	URL: https://widget.spreaker.com/player-base-5f13a344dbf28ff80a2b.js(Line 2) Message: [react-ga] Expected `args.value` arg to be a Number.
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 21:01:04,532 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 21:01:08,727 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 21:01:13,705 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
3eff3925c592ef7e366dca0626d61e43.safeframe.googlesyndication.com
ad.turn.com
ads.betweendigital.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
analytics.twitter.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bit.ly
bttrack.com
c1.adform.net
cdn.ampproject.org
cdn.stickyadstv.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d3770qakewhkht.cloudfront.net
d3wo5wojvuv7l.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
e1.emxdgt.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heraldodemexico.com.mx
ib.adnxs.com
imprammp.taboola.com
jadserve.postrelease.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.c.appier.net
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.adotmob.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.teads.tv
t.co
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
wf.taboola.com
widget.perfectmarket.com
widget.spreaker.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
ads.stickyadstv.com
c1.adform.net
dpm.demdex.net
104.109.78.125
104.244.42.3
104.244.42.5
13.225.84.7
13.32.11.148
139.162.78.222
141.226.224.32
141.226.228.48
142.250.185.130
142.250.185.194
142.250.186.34
151.101.114.49
151.101.13.181
178.250.0.163
18.195.155.181
18.195.240.234
184.30.21.112
184.31.88.106
185.183.112.148
185.29.135.190
185.33.221.88
185.64.189.110
185.86.138.142
185.94.180.125
188.42.196.115
192.132.33.46
198.148.27.139
199.232.136.157
199.232.137.44
2.18.234.21
2.19.35.65
2001:4de0:ac19::1:b:2a
2001:678:cb4:bbbb::11
2606:4700::6810:5f41
2606:4700::6812:1070
2a00:1288:110:c305::8000
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2006
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:400c:c04::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.56.137
3.66.135.160
34.204.22.100
34.98.64.218
35.157.221.90
37.157.2.236
52.21.23.66
52.210.44.111
52.46.130.13
54.174.195.234
54.194.226.253
67.199.248.10
69.173.144.165
72.251.249.9
76.223.111.131
99.86.241.22
99.86.241.40
01a66a8038ee8c252b4b0bde9a56614c6bd28ca5eb4006e401338b3bad45a86d
04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89
064aee9dcd2e3bbb83dc65fa7b0c388664f9fb6ef082f038afbe9b82b1bddc68
08393c4eebfb2a747316fda17263d38ed9e6a108606463e2e39aef720b2f8df5
095ba66d80bd93cf592c11fd72a723dfe5ab5f8da183e54063f50e9ba215094b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11414c2540307e8a7d902cf0d7d9de1fd86f089879d772ebbf6efba6425988e3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1734334102f4f0902e6e1e872efa8c3ae27784a82cda2ef49a75f86d8c9fe8a6
17c5b930c134a637e60f870f99c45ff682a19221282f9913887976a2ef713244
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1a45f62d43c01c6bad8ca8bec4545b167c5b5be7f6592d56c6c7bf3023f1f57e
1c1ed9791a2807c110a7157edffac66a3f90f5e25ae92c3e76dd36534f8fa1fa
1c5d4409cbfbad0acc97ba77ec5c9828bc0eaad3430b4474b963c5f4ba091029
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
23f6e5bb6234f714d620d4f287f1784e71d56f23c0eb093cbe2d4b2ce79af040
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3126d150fd08c7eeddc887b0e8dcdbb261a479a83742f11067bbc1eaec606de2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34134c922c986acdaa1f7b8366eb0eb0a3ed4fad98408687771d1d22d101815e
3471bc0e5cd37182042a3c24d6cb8e6bec462c200971b55fbcf9d106fd24b910
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3b08ad60c055f24b2a9d541f5b57e2ffe052f59a358fc5bcb0686cc15629571c
3b79d04870feaae80844b5323755c0ab0193a27d573db524d7b145b54829d992
3e55b72ff8b92a576db7d52cf714a484f6e8828fb8cb89eb9b46d91c048e5175
3ebc7c8375b9ed4fdbb6c795d8662c7e79dab5ec054abf49018da33e4f1b91dc
3ebf9c00bdd0390cf09ff34c920093f411b31740f10ebe51bb2c79d62827c355
3f0545f7b9717531f068247aa5c0e285ff1656a1ce8348dd500b07cf7d3a6e3c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4109b5b7b210450b13ef1d81c9631141d9218acd6feb36ef30b72e756a015d7d
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
422d15bf6670ecb97e6014f1a173b89cbb7caf2c1caa92254ccd606b1b07c908
46ffba698c4628c7bc6187b13e965d72a479dcbca58942ebe4d54d237665bc00
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e08f856a57d0556c188ddc190c2b560e794f5f1634f4d86897c69391a93f1c3
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53a4b14818db913b08b29af9a8c38caeb68ee63941fee0f51ccb9d1c9243226a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552d4f1dd02262c4b610d5f1b21430b5d5a42411d1075437b5548fb95194d9b7
5530de45b5ee6ca0e4b14412258ec90b6a90863761c6e0a57a4311f0a85931cc
56b2106e87f12c8e66935a343df2a13e35973a801a9e56c2adb2008c4aefbed2
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4ed81033179108881ffefdba9bc105af580ab941f3605c34bfc5e37f743f93
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5d4d1fa6cd45fa50be504afd2dcbbe4950a98f863a38992bb4e7ff9027496295
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60824efde63ee5084849f31610b93e0f4251029ddbd0b952368153c9a6be10ce
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
62a89e4c058b477bee9ff0f6a980d054ea7c5b46e225b4d24a6acde4bce4fb9a
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65d49bff9fd43dd116d294a5d41cd54ab8582393d41c2d78b66dfa8679d4a49f
664d0a9f8efb24b8e4743ea015517260e4c03c6640fc6831d47ce512c6e22354
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b06e7c5f82ac2fab22b7f2d067b681032b4653a05cfe9f27e7356cd141a35b9
6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff
6de4943f8ff155f8280295e35b3abc94793a8eeacc026b69b3448f60c46d3734
6ed82d72a40fcd4f75ef8e9355544a4207371554766f20232befc8a3bab2f1d9
6f5a6f8813f20bfeb1b1c1e33ad8e344b6a21d14a9e2c2a268395b30b749cf18
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7c60286cd6c79350eecfcd587c811db0c792fc00bce1a682300622200e354836
81130e912ab3cfcb278bb9a71bac97ee3c8bda180e52ddf53c213e2f368d42c1
8195d11a4cce56009863c5f63a51faa07cd1357ab67f54b433b4a18cf3ec9f41
821d600d10a9c7f0c2ebbff18cb185dea89aac796c46308d15bec4c0054c5344
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84b2acf4096d53ff8e7ad22a0753705c8a020e18b081da19448f43c1289f4576
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
8ade1345278ff4c5b9392ac7f9f91fa204d5d6e35af4a228c534e4cc96e56eae
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2e8dae89f6e686e4114bfc94078e3c81598ff5c7a1bb926ebfa6347b01e344
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
96a051b7fb891fc93eea29208c725a4dd4fa009cea86bb307f12c2948760ae92
9918e7da52409127188e3b6b20cddca1c8a89dab596cb96032d87ab98007237e
9b5a601a6ecf225421ac2a5fd1977b26db8e962247b22a75663e4f63ee4e437d
9b5b44d2c5cacedcd63b702440309d784a282684df65e2cc8ac3deaa12997ad2
9cb292f950ae178884beaef6e05b61f2f0a35e6190cac84bf57719c726a542ca
9e2f12c9bae5195cf6d221ab7f83451fbe89629de67360b8fd79cf3908a7c6e7
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f9785e2fee540cc4a9e0e8389517a2add747e765f94de4a091fe70071b5277
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3e4ee8fbcb22b3fbca6a7a60fb1b7e642c5764e6d0a28eb8a0618bf1050b8dc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50ef97e7de0b0be1941bfae07e50af9da5ba6305d41879bac7527f5e834eb42
a68652e1e5e6b633e5a9dd219e828c01ab4f3dfc639d8a23d9c5952428ae825e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad7c85dd21f630ff1704356f335f9d4e2853dc850fb178866c2e6fd5c035db63
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37fca127be0851975b1f6007612b11829d96c229482b82489220cf564ab46e2
b5940f457c69c0c8e5f6853a40cd5bf114d36893d3738a67380e4c9a0963eb29
b753fe182cd4700233119346fa459ba449f96bb309cc6c9d999d95143d288a4d
bab50b56dac8fd9c63c12e1424f2b59cc57599e64706c37a87332a7a4517a27e
bbe80f4d3e7a9d09c67ac85470613bd05e370280556e57a285ef0a66d0a8ece7
beaea909868e4cf222b7ecc4debce224470f90a3c6a233a4f197ef4a759eff21
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c34427a72c83454517d14b31a7ad99d35cd96bd62c69e8e68aa06de14b6858fc
c434cdbf64369920bb174f8222e9c729680284ddaf5c8e95dc5c3a1fa9c0ba81
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d07e69369f0c3bfc75940293ef1926c53df4e7301f52ee4d8ce343f83bfc822e
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d1afbc0da94d65b60546b6d33a6a074a37fe4796676fcaf8d88da2178b5a0c3b
d2d23876487bf4d032099c38c5997fa87938f3180c20ee8df1e78e95e7a7fd34
d47d771a782b86bf4f1253a530a143b110963c587f06b743e9e5259b7f80ccb7
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d770a1cd74ad229ceae9f95809889683a4a305b1cfdcabae9d62bad26c00fb96
d7e6804e0f55fa09ec9a6ea1bccd64ca993a297de1681f72e9bc761bb745861c
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b19e3f077e10070b05a38efdebd07333f11165495317c10be3ee667207fb6
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e6c5643def4b171e80b4c9ea3c7f39eb4cc36d927df6c6f738531b5064808efa
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
eafef16112918161ad4f4cd2ea8f0a3103c6d5453619ec94140644f95e24da17
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f22be6574f9c4db228ea0ecf2c5508c0091b37748a0c78742dbf9e178c98682a
f269942eccf95f26426c83daf9ec1d38f3180a53f28da808bf722af7b2126905
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f84484a6fcf97a77906921b62e1c83ab13b7fa1f0c06cfe4c13a9dc2478391e4
fa3a6043f73487407ae9a986af45faa12e9e8dfa7777f6aa22ffb30ce3672f60
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

heraldodemexico.com.mx Open in urlscan Pro 2606:4700::6812:1070 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

254 Requests

97 %HTTPS

31 %IPv6

56 Domains

88 Subdomains

57 IPs

10 Countries

3344 kBTransfer

8828 kBSize

5 Cookies

22 Outgoing links

Page URL History

Redirected requests

254 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

heraldodemexico.com.mx Open in urlscan Pro
2606:4700::6812:1070 Public Scan

Screenshot
Live screenshot

Full Image

254
Requests

97 %
HTTPS

31 %
IPv6

56
Domains

88
Subdomains

57
IPs

10
Countries

3344 kB
Transfer

8828 kB
Size

5
Cookies

254 HTTP transactions
9 data transactions