eldeber.com.bo Open in urlscan Pro
38.131.2.17 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.eldeber.com.bo/mundo/Actriz-porno-cobro-por-callar-relacion-con-Trump-20180113-0018.html
Effective URL:
https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Submission: On July 08 via api (July 8th 2021, 2:09:44 pm UTC) from FR

Summary HTTP 389 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 62 IPs in 7 countries across 42 domains to perform 389 HTTP transactions. The main IP is 38.131.2.17, located in Miami, United States and belongs to COGENT-174, US. The main domain is eldeber.com.bo.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 23rd 2019. Valid for: 2 years.

This is the only time eldeber.com.bo was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:10:... 2606:4700:10::6816:3285	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	38.131.2.17 38.131.2.17	174 (COGENT-174) (COGENT-174)
6	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
35	2606:4700:10:... 2606:4700:10::6816:3385	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 2	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
5	104.84.56.126 104.84.56.126	16625 (AKAMAI-AS) (AKAMAI-AS)
4 13	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1 11	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	213.174.135.1 213.174.135.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
9	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.193.54 13.224.193.54	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
1	152.199.23.105 152.199.23.105	15133 (EDGECAST) (EDGECAST)
6	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
5 17	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 3	13.225.87.8 13.225.87.8	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
26	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
11	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
71	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
7	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	69.16.175.10 69.16.175.10	33438 (HIGHWINDS2) (HIGHWINDS2)
4	35.204.47.73 35.204.47.73	15169 (GOOGLE) (GOOGLE)
3	54.73.173.213 54.73.173.213	16509 (AMAZON-02) (AMAZON-02)
6 16	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
6	52.58.167.129 52.58.167.129	16509 (AMAZON-02) (AMAZON-02)
4	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	168.119.138.45 168.119.138.45	24940 (HETZNER-AS) (HETZNER-AS)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	18.156.190.73 18.156.190.73	16509 (AMAZON-02) (AMAZON-02)
4	65.9.66.30 65.9.66.30	16509 (AMAZON-02) (AMAZON-02)
7	13.225.87.113 13.225.87.113	16509 (AMAZON-02) (AMAZON-02)
389	62

2 2606:4700:10::6816:3285 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.eldeber.com.bo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 38.131.2.17 (Miami, United States) 2 redirects

ASN174 (COGENT-174, US)

eldeber.com.bo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:10::6816:3385 (United States)

ASN13335 (CLOUDFLARENET, US)

static.eldeber.com.bo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.84.56.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

sakimg.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-54.fra2.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.105 (United States)

ASN15133 (EDGECAST, US)

cdn.lavoz.com.ar	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 46.249.52.248 (Netherlands) 5 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

cheqzone.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.87.8 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-8.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

widget.playoncenter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (Memphis, United States)

ASN33438 (HIGHWINDS2, US)

cdn.vidcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.204.47.73 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

ssp.api.tappx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.73.173.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

frontalidsp.playoncenter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.18.234.233 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.58.167.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

video-ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.138.45 (Germany)

ASN24940 (HETZNER-AS, DE)

s.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.190.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.30 (United States)

ASN16509 (AMAZON-02, US)

scrapping.theadwatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.87.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-113.fra2.r.cloudfront.net

f09qq4p7aj.execute-api.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
101	googlesyndication.com dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	1 MB
48	eldeber.com.bo 4 redirects www.eldeber.com.bo eldeber.com.bo static.eldeber.com.bo	664 KB
35	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net	244 KB
27	google.com 4 redirects apis.google.com www.google.com analytics.google.com adservice.google.com	134 KB
20	stickyadstv.com 6 redirects ads.stickyadstv.com cdn.stickyadstv.com	373 KB
18	e-planning.net 5 redirects sakimg.e-planning.net ads.us.e-planning.net	21 KB
18	googleapis.com fonts.googleapis.com ajax.googleapis.com imasdk.googleapis.com	2 MB
14	playoncenter.com widget.playoncenter.com frontalidsp.playoncenter.com	206 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	464 KB
12	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com	104 KB
11	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	34 KB
9	googletagservices.com www.googletagservices.com	304 KB
7	amazonaws.com f09qq4p7aj.execute-api.eu-west-1.amazonaws.com	1 KB
6	rubiconproject.com video-ads.rubiconproject.com optimized-by.rubiconproject.com	45 KB
6	360yield.com ad.360yield.com	1 KB
4	theadwatch.com scrapping.theadwatch.com	57 KB
4	tappx.com ssp.api.tappx.com	920 B
4	google.de www.google.de adservice.google.de	1 KB
4	addthis.com s7.addthis.com api-public.addthis.com	193 KB
3	2mdn.net s0.2mdn.net	49 KB
3	amazon-adsystem.com s.amazon-adsystem.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	facebook.com www.facebook.com	1003 B
3	cheqzone.com ob.cheqzone.com obs.cheqzone.com	23 KB
3	googletagmanager.com www.googletagmanager.com	115 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
2	richaudience.com s.richaudience.com	726 B
2	vidcrunch.com cdn.vidcrunch.com	746 KB
2	unpkg.com unpkg.com	45 KB
2	google.pl adservice.google.pl	975 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	69 KB
2	instagram.com 1 redirects www.instagram.com	5 KB
1	googleadservices.com partner.googleadservices.com	497 B
1	jquery.com code.jquery.com	30 KB
1	b-cdn.net cheqzone.b-cdn.net	4 KB
1	lavoz.com.ar cdn.lavoz.com.ar	119 KB
1	addthisedge.com v1.addthisedge.com	932 B
1	moatads.com z.moatads.com	1 KB
1	gravitec.net cdn.gravitec.net	18 KB
0	adotmob.com Failed sync.adotmob.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
389	42

	Domain	Requested by
71	tpc.googlesyndication.com	eldeber.com.bo securepubads.g.doubleclick.net tpc.googlesyndication.com dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com widget.playoncenter.com
35	static.eldeber.com.bo	eldeber.com.bo static.eldeber.com.bo www.googletagmanager.com
26	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com eldeber.com.bo tpc.googlesyndication.com dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com srcdoc imasdk.googleapis.com
17	ads.us.e-planning.net	5 redirects eldeber.com.bo sakimg.e-planning.net
16	ads.stickyadstv.com	6 redirects widget.playoncenter.com cdn.stickyadstv.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com googleads.g.doubleclick.net
13	www.google.com	4 redirects eldeber.com.bo www.gstatic.com tpc.googlesyndication.com dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com googleads.g.doubleclick.net
11	imasdk.googleapis.com	widget.playoncenter.com imasdk.googleapis.com eldeber.com.bo
11	widget.playoncenter.com	securepubads.g.doubleclick.net widget.playoncenter.com
11	securepubads.g.doubleclick.net	1 redirects www.googletagmanager.com securepubads.g.doubleclick.net eldeber.com.bo www.googletagservices.com dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
11	eldeber.com.bo	2 redirects eldeber.com.bo static.eldeber.com.bo
10	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com imasdk.googleapis.com
9	www.googletagservices.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
7	f09qq4p7aj.execute-api.eu-west-1.amazonaws.com	scrapping.theadwatch.com
7	widgets.outbrain.com	eldeber.com.bo widgets.outbrain.com
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	ad.360yield.com	widget.playoncenter.com
6	fonts.googleapis.com	eldeber.com.bo static.eldeber.com.bo tpc.googlesyndication.com
5	images.outbrainimg.com	eldeber.com.bo
5	log.outbrainimg.com	widgets.outbrain.com
4	scrapping.theadwatch.com	widget.playoncenter.com scrapping.theadwatch.com
4	cdn.stickyadstv.com	eldeber.com.bo cdn.stickyadstv.com
4	video-ads.rubiconproject.com	widget.playoncenter.com eldeber.com.bo
4	ssp.api.tappx.com	widget.playoncenter.com
4	dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	s0.2mdn.net	imasdk.googleapis.com
3	s.amazon-adsystem.com
3	cm.g.doubleclick.net
3	frontalidsp.playoncenter.com	widget.playoncenter.com
3	sb.scorecardresearch.com	1 redirects widgets.outbrain.com
3	www.facebook.com	connect.facebook.net eldeber.com.bo
3	www.gstatic.com	www.google.com
3	www.googletagmanager.com	eldeber.com.bo www.googletagmanager.com
3	s7.addthis.com	eldeber.com.bo s7.addthis.com
3	apis.google.com	eldeber.com.bo apis.google.com
2	optimized-by.rubiconproject.com	video-ads.rubiconproject.com
2	s.richaudience.com	widget.playoncenter.com
2	cdn.vidcrunch.com	widget.playoncenter.com eldeber.com.bo
2	unpkg.com	widget.playoncenter.com
2	adservice.google.de	pagead2.googlesyndication.com
2	adservice.google.pl	securepubads.g.doubleclick.net
2	odb.outbrain.com	widgets.outbrain.com
2	obs.cheqzone.com	ob.cheqzone.com eldeber.com.bo
2	www.google.de	eldeber.com.bo
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	eldeber.com.bo connect.facebook.net
2	www.instagram.com	1 redirects eldeber.com.bo
2	platform.twitter.com	eldeber.com.bo platform.twitter.com
2	www.eldeber.com.bo	2 redirects
1	ajax.googleapis.com	widget.playoncenter.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	securepubads.g.doubleclick.net
1	mv.outbrain.com	widgets.outbrain.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	cheqzone.b-cdn.net	ob.cheqzone.com
1	api-public.addthis.com	s7.addthis.com
1	syndication.twitter.com	platform.twitter.com
1	cdn.lavoz.com.ar	eldeber.com.bo
1	analytics.google.com	www.googletagmanager.com
1	ob.cheqzone.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	eldeber.com.bo
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	cdn.gravitec.net	www.googletagmanager.com
1	sakimg.e-planning.net	eldeber.com.bo
0	sync.adotmob.com Failed
0	match.prod.bidr.io Failed
389	70

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.eldeberradio.com
clasificados.eldeber.com.bo
enelrecuerdo.eldeber.com.bo
trck.tracking505.com
afternoonedition.com
www.outbrain.com
www.atodomotor.bo
www.contrata2.bo
ray.media

Subject Issuer	Validity	Valid
*.eldeber.com.bo Go Daddy Secure Certificate Authority - G2	`2019-08-23` - `2021-08-23`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-06-19` - `2021-09-17`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
sakimg.e-planning.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2021-03-04` - `2022-04-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.cheqzone.com Amazon	`2021-02-21` - `2022-03-22`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
obs.cheqzone.com R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.lavoz.com.ar GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-04-05` - `2022-04-05`	a year	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.b-cdn.net Sectigo ECC Domain Validation Secure Server CA	`2020-11-11` - `2021-11-11`	a year	crt.sh
*.google.pl GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
1904895847.rsc.cdn77.org R3	`2021-05-14` - `2021-08-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.vidcrunch.com Go Daddy Secure Certificate Authority - G2	`2021-06-09` - `2022-03-27`	10 months	crt.sh
ssp.api.tappx.com R3	`2021-06-27` - `2021-09-25`	3 months	crt.sh
*.playoncenter.com Sectigo RSA Organization Validation Secure Server CA	`2021-03-17` - `2022-03-21`	a year	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.theadwatch.com Amazon	`2021-01-14` - `2022-02-11`	a year	crt.sh
*.execute-api.eu-west-1.amazonaws.com Amazon	`2020-10-10` - `2021-11-10`	a year	crt.sh

This page contains 49 frames:

Primary Page: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Frame ID: ED7264FD0E066B89F82CBF106D8C57F0
Requests: 141 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: D42F8FF0DFF9EDB39D031A944CCC376D
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Feldeber.com.bo
Frame ID: BFA90887B3701D8339BEE176DC4BE5E7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3XpkUAAAAAGhR-HaFAJCC9l2iEX9WQdAYz1rR&co=aHR0cHM6Ly9lbGRlYmVyLmNvbS5ibzo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=p66iqu5nu3jt
Frame ID: 39EE02769B0E75CBB212FC628C7B48EA
Requests: 4 HTTP requests in this frame

Frame: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FBB07C628B663B2D971EC6351C72012A
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 32988AF4172327F3CF97A03CD9FFAD56
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/comments.php?app_id=215197908804&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df79ec0b396f40c%26domain%3Deldeber.com.bo%26origin%3Dhttps%253A%252F%252Feldeber.com.bo%252Ff76a6a60177ab%26relation%3Dparent.parent&container_width=680&height=100&href=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&locale=es_LA&numposts=5&sdk=joey&width=
Frame ID: 81A77073B963EAD6B84F2FAF42E3CE75
Requests: 1 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-3.3.1.min.js
Frame ID: D3BEBC8B7483240FEC06BA7ED2B092D0
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1eBLO8tfrSL7D_Yhy5zHF97aMLmF-0DY-Rd6ZH_OboZODSWlgwsGHaygFufNT2gvgA6KckAYjLo2_Xa1aMrl66wTIU_eqXPB1D5PR-BH-SZn78XdBbSGPmMkvmdmv-QJHy3iVRBnyBN2ZN8PprFFEkkthuGaR7p0OeRQyVPfxZHFvO0F31piutgybL2eYMZlTvkhsp4N_rvl-S4KKy_I67I-6gozEwU8nbW5Q8uNgJRq972PcoUD19TyWKloqx4xZt2pt0AiIRP8pwaNKzaOpvVGPw2QcVFbVJJY3IfvjyK6zYCPyC7017SUai3Gv-g&sai=AMfl-YRXGZim2L88RyXEiCb0oH6RI7g9vDA6-WeTwINIkfgAryo75JFiT0StU3eoy9YGTfpJc8Rupj2NGfdDCw9erpbP8CX6KSSc1Mh2jWOrXFKz1lvRWsLuAzbhwX5QslI&sig=Cg0ArKJSzOJtT82wcQ9tEAE&urlfix=1&adurl=
Frame ID: 36E4EBDFB4421FA5B12E238560279EA5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/zrt_lookup.html
Frame ID: ADBADEDE4E2A2F68996B385C2C7B270D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 626F171D81A7CEF25F8322FB4EEA7963
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4AD6C9173201864E05EFE4979EAAA8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=90&slotname=1267735785&adk=4053359582&adf=3587945734&pi=t.ma~as.1267735785&w=728&lmt=1625753361&psa=0&format=728x90&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753361194&bpp=7&bdt=293&idt=128&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D492ee533efe2fc97-2274d8eb76c800a4%3AT%3D1625753359%3AS%3DALNI_MZ0KZ17e_oRSyD-nK7EwqD-VaHSBw&correlator=4954046509346&frm=21&ife=4&pv=2&ga_vid=1546502268.1625753361&ga_sid=1625753361&ga_hid=931107268&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&isw=1600&ish=95&ifk=3882173479&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=2832163948655094&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C95&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2jes12cz3kf&fsb=1&xpc=1947bmLcOf&p=https%3A//eldeber.com.bo&dtd=186
Frame ID: 5AE78D551816A4D2458FEF541767233B
Requests: 10 HTTP requests in this frame

Frame: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F16FC1AC704285752C4064747647C154
Requests: 14 HTTP requests in this frame

Frame: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 902C1ACE14A4340B29B2631C3D8FE33B
Requests: 8 HTTP requests in this frame

Frame: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 48EF1B4E5662C0C116621C4126B98FA0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/index.html
Frame ID: 449ABEE0B1871733F6822762E527E152
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/index.html
Frame ID: 5DB99E9D250B0ECED63032475FD991CD
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3D4AA3FAC61338E3E5411B2809347BCC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1AE28A84669DFC2395409B97FBDD5AA0
Requests: 2 HTTP requests in this frame

Frame: https://widget.playoncenter.com/newplayer/ifriendly/code.min.js
Frame ID: 02AC1EB3F6981D0119217D5D4739A07A
Requests: 49 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html
Frame ID: 0D902F720A0E8F26BE533824AFEDDD0A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=250&slotname=9848609800&adk=511856824&adf=776186307&pi=t.ma~as.9848609800&w=300&psa=0&format=300x250&url=https%3A%2F%2Feldeber.com.bo%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753362314&bpp=11&bdt=636&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=1723322934419&frm=24&ife=3&pv=2&ga_vid=1111780967.1625753363&ga_sid=1625753363&ga_hid=215811379&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1635435634&scr_x=-12245933&scr_y=-12245933&eid=31061662&oid=3&pvsid=1029752631104924&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.asa13x7a68ti&fsb=1&dtd=433
Frame ID: 584C4077F7598C2DFF3DE4D83150D44D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 91A861865457BDEC46F00BD89764B99C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Frame ID: F1E41FACA42C0089211439BC5096C242
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 27E3189E5EA34A0CA2C5999102178E67
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 65F8B62FC67C445C6A78FF6DCD676768
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2908AD410300EFC0155C265C73FB6DE3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3738F9F673D3D63B3EEAECADC896D15A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0BDA0C26E30C6D14D7752AAB54B1DAC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 4A78DAAC6ED657CE7BE1EAF3E73D954E
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: 8B6CAB624DF5FC50D57D7CAD2BEF33EA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B4103152D2F91EFA189C26214886DD28
Requests: 1 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31032.js
Frame ID: 17174A848464EB4FAC29F3A3E04AADEF
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: 19332D416D7C9BB69DF1AB248AFDA05B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 06281C2C31A0DE13656E117784DE5657
Requests: 1 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31032.js
Frame ID: 6B0A48079043828929DB156460B15177
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: DEA9DC380764B888BAB530D877B1F7CD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9B7F72A60DDFF3F7FA5C3C51E6D23793
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/43606300/Playoncontent_Eldeber_Dir_Des_VidAdIn_Lis_MC_CTP%26description_url%3Deldeber.com.bo%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26nofb%3D1%26vad_type%3Dlinear%26gdpr%3D0%26gdpr_consent%3D%26channel%3Dvastadp&correlator=88549977
Frame ID: 6F08218C9D275CAFFA279E2AA29DF84E
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: 34D02D5C34ECA2916F9C3D59B6DA1488
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8D50794B30B5A34C1C85ADCF50833792
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/43606300/Playoncontent_Eldeber_Dir_Des_VidAdIn_Lis_MC_CTP%26description_url%3Deldeber.com.bo%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26nofb%3D1%26vad_type%3Dlinear%26gdpr%3D0%26gdpr_consent%3D%26channel%3Dvastadp&correlator=88549977
Frame ID: C272098D268302017CFBF05E702676F6
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: 98A7685B1567B4E9E9CB497DC6754780
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6DBB1DADB4529C6901255255A30D0DE5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: B6B86D6A615C063ECAB52F8624921920
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: FABD8AA2E091FC11345510ED85D9B2F4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 26BDE8E662E77521D8F7416476BE8100
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: B77B1426339BB59CB8D664600855D1E1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.eldeber.com.bo/mundo/Actriz-porno-cobro-por-callar-relacion-con-Trump-20180113-0018.html HTTP 301
https://www.eldeber.com.bo/mundo/Actriz-porno-cobro-por-callar-relacion-con-Trump-20180113-0018.html HTTP 301
https://eldeber.com.bo/mundo/Actriz-porno-cobro-por-callar-relacion-con-Trump-20180113-0018.html HTTP 302
https://eldeber.com.bo/59032_actriz-porno-cobro-por-callar-relacion-con-trump HTTP 301
https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032 Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Page Statistics

389
Requests

98 %
HTTPS

53 %
IPv6

42
Domains

70
Subdomains

62
IPs

7
Countries

6855 kB
Transfer

17358 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/GrupoELDEBER/

Search URL Search Domain Scan URL

URL: https://twitter.com/GrupoELDEBER

Search URL Search Domain Scan URL

URL: https://www.instagram.com/eldeber.com.bo

Search URL Search Domain Scan URL

URL: http://www.eldeberradio.com/
Title: Radio FM 103.3 Nuestra señal al Vivo

Search URL Search Domain Scan URL

URL: https://clasificados.eldeber.com.bo/
Title: Clasificados Todo lo que buscas en un solo click

Search URL Search Domain Scan URL

URL: https://enelrecuerdo.eldeber.com.bo/
Title: EN EL RECUERDO

Search URL Search Domain Scan URL

URL: https://trck.tracking505.com/d4822924-5b76-4612-90d1-77e21b73bf65?campaign_id=0003558559ea58264ec654ee02eca6b495&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=003587a8590a8a54d87dcea17a0c1c6d48&ad_title=Uzyskaj+Niesprzedane+Suv-y+2020+Za+U%C5%82amek+Ich+Warto%C5%9Bci&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=003587a8590a8a54d87dcea17a0c1c6d48&time_stamp=$time_stamp$&cpc=$cpc$&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Uzyskaj Niesprzedane Suv-y 2020 Za Ułamek Ich Wartości Oferty SUV-ów | Linki sponsorowane

Search URL Search Domain Scan URL

URL: https://afternoonedition.com/trending/celebryckie-pary-ktore-wciaz-sa-razem-outbrain-2?utm_source=outbrain&utm_campaign=00742092b2abcb8a06746c48c2566d1e79&utm_medium=$section_name$__$section_id$&utm_term=%5BZdj%C4%99cia%5D+Bo%C5%BCena+Dykiel+wiedzie+spokojne+%C5%BCycie+ze+swoj%C4%85+partnerk%C4%85&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Zdjęcia] Bożena Dykiel wiedzie spokojne życie ze swoją partnerką Afternoon Edition

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/es

Search URL Search Domain Scan URL

URL: http://www.atodomotor.bo/
Title: A Todo Motor

Search URL Search Domain Scan URL

URL: https://www.contrata2.bo/
Title: Contrata2

Search URL Search Domain Scan URL

URL: https://clasificados.eldeber.com.bo/llave-en-mano
Title: Llave en Mano

Search URL Search Domain Scan URL

URL: https://clasificados.eldeber.com.bo/te-aviso
Title: Teaviso

Search URL Search Domain Scan URL

URL: https://ray.media/
Title: powered by ray.media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.eldeber.com.bo/mundo/Actriz-porno-cobro-por-callar-relacion-con-Trump-20180113-0018.html HTTP 301
https://www.eldeber.com.bo/mundo/Actriz-porno-cobro-por-callar-relacion-con-Trump-20180113-0018.html HTTP 301
https://eldeber.com.bo/mundo/Actriz-porno-cobro-por-callar-relacion-con-Trump-20180113-0018.html HTTP 302
https://eldeber.com.bo/59032_actriz-porno-cobro-por-callar-relacion-con-trump HTTP 301
https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 95

https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDNI:1x1!/ED-NI&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1--- HTTP 302
https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDNI:1x1!/ED-NI&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---

Request Chain 96

https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDN1x1:1x1!/EDN1x1&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1--- HTTP 302
https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN1x1:1x1!/EDN1x1&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---

Request Chain 97

https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDN01:728x90!/EDN01&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1--- HTTP 302
https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN01:728x90!/EDN01&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---

Request Chain 98

https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDN08:160x600!/EDN08&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1--- HTTP 302
https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN08:160x600!/EDN08&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---

Request Chain 99

https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDN09:160x600!/EDN09&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1--- HTTP 302
https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN09:160x600!/EDN09&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---

Request Chain 125

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=26892&cs_ucfr=1&ns__t=1625753360564&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D26892%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DPL&c9=https%3A%2F%2Feldeber.com.bo%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=26892&cs_ucfr=1&ns__t=1625753360564&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D26892%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DPL&c9=https%3A%2F%2Feldeber.com.bo%2F

Request Chain 141

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssvQ86P6CuFVzhnPXGLKi-HH7jAY_vPjys93G-gi9wUtk1a9D_6h2K6BtmVtKKZUcDBTwPXtQMFOKcN6ijE6TI0kxI-DYfo7780ihucnEhk4tGC2Rf2q4yxn2pEPUif4hIfbuOBZwGEaEc_SsvwXk3AQQ1XvQ8U8K5Q3j_gqn2wolZzIes4DZKkZHcRl635IqCxhk-z50qXC_7-t95gKGnOD2zZS6iwZo9cJLpK7lm5NchQAoILcSjmgmHdBGjKCV2QeSxPVF0XXAsp06zg2mRmzrltI1_sJTbJaFl0ydFFvKOaq7Wn3wC3LvQLZvsQ%26sai%3DAMfl-YQt2D_4QTp9Vp-lp9laLr7yK5kln1PyM9LsXQ8QcQbYIhjn-FQr6Tj6HaKh407XjtefWJUL4vBb43u-GRsb5jFZ3Msd0uReuZMW4qkBjGTIOugqrioI6otbk-z77WI%26sig%3DCg0ArKJSzOFJYC2QfIexEAE%26urlfix%3D1%26adurl%3Dhttps://static.eldeber.com.bo//Files/Original/2019/11/8/73164890.png HTTP 302
https://static.eldeber.com.bo//Files/Original/2019/11/8/73164890.png

Request Chain 208

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 209

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 257

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 275

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 318

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=

Request Chain 319

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 364

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=73d5de5e4bb521d941960c8dc3a417&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l091e_6982557576987567008 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=54ba8e7d-facd-40cf-87ca-2f406cc3dd98 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/73d5de5e4bb521d941960c8dc3a417&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-ao7pOlxE2oPbqrU7DRFBkLk6S_DkUJda4d_.NbVA~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3766487119844245642 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d33160e7-0720-4200-b7fe-60811f1241d3&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=9219803497899948812 HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=zVHHqcin1M1uIF5 HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1

Request Chain 375

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=

Request Chain 377

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 380

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=088e60e7-0720-4b00-906c-5260eb660ec3&gdpr=0&gdpr_consent=null HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=null HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=null&_test=YOcHIQACimb9PgAC HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YOcHIQACimb9PgAC&gdpr=0&gdpr_consent=null&_test=YOcHIQACimb9PgAC HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAAKtk7Bzg4AADbPPiM0gA&gdpr=0&gdpr_consent=null HTTP 302
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3010157204683759290 HTTP 302
https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent=

Request Chain 386

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=

Request Chain 388

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=

389 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request actriz-porno-cobro-por-callar-relacion-con-trump_59032 Show response
eldeber.com.bo/mundo/
Redirect Chain

http://www.eldeber.com.bo/mundo/Actriz-porno-cobro-por-callar-relacion-con-Trump-20180113-0018.html
https://www.eldeber.com.bo/mundo/Actriz-porno-cobro-por-callar-relacion-con-Trump-20180113-0018.html
https://eldeber.com.bo/mundo/Actriz-porno-cobro-por-callar-relacion-con-Trump-20180113-0018.html
https://eldeber.com.bo/59032_actriz-porno-cobro-por-callar-relacion-con-trump
https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

46 KB
13 KB

705ms
704ms

Document
text/html

38.131.2.17
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

38.131.2.17 Miami, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

dc7eb957cfc56960562edc76ae07648155c089560891c3cf23dfc19166b6b3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

:method: GET
:authority: eldeber.com.bo
:scheme: https
:path: /mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: public, max-age=240
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Thu, 08 Jul 2021 14:13:15 GMT
last-modified: Thu, 08 Jul 2021 14:09:15 GMT
vary: *
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
x-frame-options: *
strict-transport-security: max-age=31536000
date: Thu, 08 Jul 2021 14:09:16 GMT
content-length: 13712

Redirect headers

cache-control: public, max-age=240
content-type: text/html
expires: Thu, 08 Jul 2021 14:13:15 GMT
last-modified: Thu, 08 Jul 2021 14:09:15 GMT
location: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
vary: *
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
x-frame-options: *
strict-transport-security: max-age=31536000
date: Thu, 08 Jul 2021 14:09:15 GMT
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ 2 KB
632 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 12:30:57 GMT
server: ESF
date: Thu, 08 Jul 2021 14:09:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jul 2021 14:09:16 GMT

GET
H2 200 api:client.js Show response
apis.google.com/js/ 12 KB
5 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api:client.js

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1bc56a25469e072d1936fd0b39a43585c4f0d23c9d6061aacbf06e012b8478a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hYQXLf3UzVPYy0YPVG77oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "bcbc5a9f529f67075bbc5c604b02684b"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-hYQXLf3UzVPYy0YPVG77oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 08 Jul 2021 14:09:16 GMT

GET
H3-29 403 platform.js
apis.google.com/js/ 0
0 401ms
294ms Script
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/platform.js
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 radio.png
static.eldeber.com.bo//assets/ElDeber/build/img/header/ 2 KB
2 KB 122ms
15ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/img/header/radio.png?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19c1822027241c8f247eee695f48a8fedd846eb5d2ee85bde8a16e30e468ec55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 2002
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3adcfad4e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 clasificados.png
static.eldeber.com.bo//assets/ElDeber/build/img/header/ 4 KB
4 KB 119ms
13ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/img/header/clasificados.png?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

790d680f91ab108467894f6da0a31951dbc2ce0f3fb4a4f607f7c9468ad1adf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 3833
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3adcfaf4e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 donald_trump_380x260.jpg
static.eldeber.com.bo//Files/Original/sites/eldeber/img/2018/01/13/ 24 KB
24 KB 120ms
15ms Image
image/jpeg 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//Files/Original/sites/eldeber/img/2018/01/13/donald_trump_380x260.jpg

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a74f29b600f7d391effcf36e42135399ab5402e2cc1b9489fcaf6dd33cf9949f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15586
vary: Accept-Encoding
content-length: 24532
last-modified: Wed, 05 Jun 2019 20:49:52 GMT
server: cloudflare
x-frame-options: *
etag: "503d239e01bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3adcfb24e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
cf-bgj: h2pri

GET
H2 400 %(link1)
eldeber.com.bo/mundo/ 324 B
324 B 257ms
151ms Image
text/html 38.131.2.17
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eldeber.com.bo/mundo/%(link1)
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.131.2.17 Miami, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 14c08afc15e276b96c48de6598e86fcc933f3b105a2a18667d395d82c1ea97d5

Request headers

:path: /mundo/%(link1)
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: eldeber.com.bo
referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
server: Microsoft-HTTPAPI/2.0
content-length: 324
content-type: text/html; charset=us-ascii

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 177 KB
59 KB 261ms
55ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 688966c3a481f6f6867e350d3882f4df19687902adc581a4f6caf4770d18e11c

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 12:53:56 GMT
etag: W/"2c50e-lPKvdY+1cKyywMPZ+2be1Wpw9nQ"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 769d620d60910f2d71c75a39b1171067
timing-allow-origin: *, *
content-length: 60102
expires: Thu, 08 Jul 2021 18:09:16 GMT

GET
H2 200 clima.png
static.eldeber.com.bo//assets/ElDeber/build/img/footer/ 420 B
487 B 89ms
11ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/img/footer/clima.png?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b398fba13d57aad83e9edc5ea63a9f524f2a80e03ec1eecdb2ab9f6442b3bbcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 420
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3adcfb44e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 clasificados.png
static.eldeber.com.bo//assets/ElDeber/build/img/footer/ 594 B
662 B 75ms
12ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/img/footer/clasificados.png?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed0d2d20ae7f1935071e1bc415929153f51155ad0c7ae6e917f12ec567f971c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 594
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3adcfb54e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 motor.png
static.eldeber.com.bo//assets/ElDeber/build/img/footer/ 678 B
746 B 77ms
14ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/img/footer/motor.png?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d47d85ccf0567b062133cac0fcaafa25b9e799587643571e141cb1f82b4b5994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 678
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3adcfb64e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 contratados.png
static.eldeber.com.bo//assets/ElDeber/build/img/footer/ 597 B
673 B 73ms
10ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/img/footer/contratados.png?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecad82d48a6a4d0daecf908e3c2391b7502beb5eb706338ee194f50bdc7f9e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 597
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3addfb84e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 llave.png
static.eldeber.com.bo//assets/ElDeber/build/img/footer/ 599 B
667 B 91ms
28ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/img/footer/llave.png?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c29d590abec85311d435906f84505963c1655b5182046253272f133b1ced16f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 599
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3addfb94e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 teaviso.png
static.eldeber.com.bo//assets/ElDeber/build/img/footer/ 375 B
443 B 90ms
27ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/img/footer/teaviso.png?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0633b50dc57e539989500c43f57f172da6836ab328ee3c0f6a912289c380f42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 375
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3addfbb4e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 main.min.css
static.eldeber.com.bo//assets/ElDeber/build/css/ 253 KB
33 KB 39ms
16ms Stylesheet
text/css 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d69e64e0b274296a1d46edfdc28e6e74d543f6ed9a3e689a2aefa393d6f2119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 33300
last-modified: Thu, 08 Jul 2021 08:58:32 GMT
server: cloudflare
x-frame-options: *
etag: W/"06c526dd773d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3acfdd44e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 custom-theme.css
eldeber.com.bo/assets/_default/build/css/ 3 KB
814 B 157ms
153ms Stylesheet
text/css 38.131.2.17
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://eldeber.com.bo/assets/_default/build/css/custom-theme.css

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

38.131.2.17 Miami, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

62d930d435b9d33ebf174c10b4a52cf4d8922fe63b3e38a3718d79be8069d518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

:path: /assets/_default/build/css/custom-theme.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: eldeber.com.bo
referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 01:15:26 GMT
server: Microsoft-IIS/10.0
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
etag: "08bf143a859d71:0"
x-frame-options: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
date: Thu, 08 Jul 2021 14:09:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 705

GET
H2 200 _libs.min.js Show response
static.eldeber.com.bo//assets/ElDeber/build/js/ 400 KB
116 KB 31ms
26ms Script
application/javascript 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/js/_libs.min.js?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c20a3c5173487377d03f18aaa59021f1a6766765dcace5a8191437507709e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 118654
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3ad1e174e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 _config.min.js Show response
static.eldeber.com.bo//assets/ElDeber/build/js/ 3 KB
1 KB 74ms
68ms Script
application/javascript 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/js/_config.min.js?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec24db03a2e7826ce7beaf0e5759270d226e939d752244b1ce0138bff930aec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 1085
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3ad1e1b4e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 _main.min.js Show response
static.eldeber.com.bo//assets/ElDeber/build/js/ 49 KB
13 KB 22ms
18ms Script
application/javascript 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/js/_main.min.js?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8158911bee973cb9936ede89160d5fdb3dc052e5f868e4f9bedea6c01baa8ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 13021
last-modified: Thu, 08 Jul 2021 09:39:26 GMT
server: cloudflare
x-frame-options: *
etag: W/"01b524dd73d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3ad1e1c4e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 vast-client.js Show response
static.eldeber.com.bo/assets/eldeber/dev/js/libs/ 115 KB
21 KB 20ms
16ms Script
application/javascript 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo/assets/eldeber/dev/js/libs/vast-client.js?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80895811af3152a0389ed8cbe21fd77bd3080990d828382247588ee769db9189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 21627
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3ad1e1f4e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 mainpublicidad.js Show response
static.eldeber.com.bo/assets/eldeber/dev/js/libs/ 5 KB
2 KB 29ms
25ms Script
application/javascript 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo/assets/eldeber/dev/js/libs/mainpublicidad.js?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48f5c57abee285db9b9943ed505270d506449ae57651ea6305d3f8f3eb075b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 1714
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3ad1e214e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 readaloud2.js_1988327.js Show response
static.eldeber.com.bo/assets/eldeber/dev/js/libs/ 72 KB
13 KB 85ms
17ms Script
application/javascript 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo/assets/eldeber/dev/js/libs/readaloud2.js_1988327.js?v=262

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40feb90d1f0fa4c33293a104a227993febf11c3870dae021f90c4f06d5f19d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36997
vary: Accept-Encoding
content-length: 13035
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3ad8f0f4e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 70ms
11ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 14:09:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/668B)
Age: 526
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H3-29

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

23ms
12ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 03:18:39 GMT
content-encoding: br
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-length: 4824
priority: u=3,i

Redirect headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: vll
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 214ms
55ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 08 Jul 2021 14:09:16 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
683 B 82ms
0ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lf3XpkUAAAAAGhR-HaFAJCC9l2iEX9WQdAYz1rR

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b48a64e9d5b25d96e38ae14d6ecaa50451028ee793078bb50dbfd6f9dbd7d3d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 591
x-xss-protection: 1; mode=block
expires: Thu, 08 Jul 2021 14:09:16 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ 305 KB
105 KB 68ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cf4df76a10bbe97ceaaa6248f514497eb1a579ab579eef5fcaeaeb7514aeba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 05:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107098
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 05:26:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
36 KB 84ms
19ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-L4CK

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e39450667326a2428870f6936073db4a593279a6153c4db65b3fd9d91ee89ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37203
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 13:39:48 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Jul 2021 14:09:16 GMT

GET
H2 200 all.js Show response
connect.facebook.net/es_LA/ 3 KB
2 KB 109ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_LA/all.js

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20e7394a0162007fd5685b98714d4e12cce8ada366a648cb142d75689dc534cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IOMbSK35AKqp3iyPC5UQ1Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: dGX8MM7ogy0656NPLDMf2xbMMtiVNbSpgIcK7L9j+xIkGlXO7qKEJBKb1MwZhjB/1Auz+xWDkk96ha5HizQ8og==
x-fb-trip-id: 686109401
x-fb-content-md5: c63829218dd0e385e1c81194b120abad
x-frame-options: DENY
date: Thu, 08 Jul 2021 14:09:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "1a4fbf20a143f3af8a335b03f4de1b03"
timing-allow-origin: *
expires: Thu, 08 Jul 2021 14:15:35 GMT

GET
H2 200 materialdesignicons.min.css
static.eldeber.com.bo//assets/ElDeber/build/fonts/MaterialDesignIcons/css/ 112 KB
20 KB 30ms
26ms Stylesheet
text/css 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/fonts/MaterialDesignIcons/css/materialdesignicons.min.css

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38ecbd3fd10b28b6cd618e85a6e8732fc7cc63f6ca46b4ba2a6dff689378c7f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26823
vary: Accept-Encoding
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: W/"0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 66b9e3ae99a34e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H3-29 200 css
fonts.googleapis.com/ 718 B
378 B 26ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Serif+Text

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3d20606a1d5e9d0f6a59d9dbd87d514e2dd3e030c06f06e8d8e343dcc5c7ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static.eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 14:04:34 GMT
server: ESF
date: Thu, 08 Jul 2021 14:09:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jul 2021 14:09:16 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 6 KB
658 B 26ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Serif+Pro:400,600,700

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a2da5732ef704a64778ea7b0474b368b9265d4cf523d0fdf4a3192e3d6be4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static.eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 14:04:56 GMT
server: ESF
date: Thu, 08 Jul 2021 14:09:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jul 2021 14:09:16 GMT

GET
H3-29 200 all.js Show response
connect.facebook.net/es_LA/ 229 KB
66 KB 16ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_LA/all.js?hash=d25dbe77c01d318bfb823379b0abda11

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/es_LA/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d42df60a88e2b93b22a1268e029bdc19439097c4540dec2cac6b72c154e3db4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://eldeber.com.bo
Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pmdiSCVX4SMvJP4EOQZDFQ==
cross-origin-resource-policy: cross-origin
expires: Fri, 08 Jul 2022 13:28:49 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68010
x-fb-rlafr: 0
x-fb-debug: y9e7Fbm5ybctHu7Tg9bq3XxgAjcU1OI/0nVm39vaY7WqXj1VXdUEhMC81/m1Bv1xc516ZFkBkkb3rdBYl0++kw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 719941a178e51ffc6d46d739f27437b9
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Jul 2021 14:09:16 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7a3c38e1dca0804a24be9ea0b7dfe5ac"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-L4CK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 2611
date: Thu, 08 Jul 2021 13:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 08 Jul 2021 15:25:45 GMT

GET
H2 200 pubv2.js Show response
static.eldeber.com.bo/Shared/apps/gtm/ 10 KB
2 KB 76ms
74ms Script
application/javascript 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo/Shared/apps/gtm/pubv2.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-L4CK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fdf6ab9693bc6f584455926fc934c9b5aa51a635166c5420e508cdf8fd2883d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25602
vary: Accept-Encoding
last-modified: Wed, 21 Apr 2021 13:43:02 GMT
server: cloudflare
x-frame-options: *
etag: W/"0379d3fb436d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 66b9e3b01d304e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 hbdfp.js Show response
sakimg.e-planning.net/layers/ 39 KB
14 KB 104ms
33ms Script
application/x-javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://sakimg.e-planning.net/layers/hbdfp.js
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b9a8dba234d28039daae9bd2b823586d2d23be450d10d17658053e78bb4360f0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 86400.000
x-cf1: 29080:dA.waw1:co:1612288420:cacheN.waw1-01:D
content-length: 14036
x-cf-tsc: 1625676702
x-cf2: H
last-modified: Tue, 02 Feb 2021 17:10:41 GMT
server: CFS 0215
x-cff: B
etag: "60198791-9a45"
content-type: application/x-javascript
cache-control: max-age=86400
cf4age: 10
accept-ranges: bytes
x-cf-rand: 52.542
expires: Thu, 08 Jul 2021 16:51:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 68 KB
24 KB 166ms
54ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-L4CK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

05478dab63553bb1bee0f6fb049c2190b82afa967fc1ffe88ef34cf12f511379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "924 / 206 of 1000 / last-modified: 1625742623"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24156
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:16 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/30cd9cee29706166475c74eac2ee9cb3/ 64 KB
18 KB 175ms
68ms Script
application/javascript 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/30cd9cee29706166475c74eac2ee9cb3/client.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-L4CK
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4e05a4d0c93f2aa6f63f75d5e665800c3050300201d216e089a6bc9001b0a740

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 19:15:35 GMT
server: nginx
etag: W/"609d7ad7-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 13 May 2021 19:20:14 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 121 KB
47 KB 32ms
25ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0FPSTK97ZJ

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-L4CK

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d57e71cd8c5ed652eadbd40e4f4793d2dc70ab6d57386dc438ccfd3ae9843b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48046
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:16 GMT

GET
H2 200 logo-el-deber.png
static.eldeber.com.bo/assets/eldeber/build/img// 58 KB
58 KB 18ms
17ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo/assets/eldeber/build/img//logo-el-deber.png

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

024aafd9298eeb71097cfaf26ab9613f4a7c79c025e08e1c8089e6be4b49c692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2233
vary: Accept-Encoding
content-length: 59621
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3b03d694e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 logocorto2.png
static.eldeber.com.bo/Shared/arte/ 4 KB
4 KB 15ms
15ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo/Shared/arte/logocorto2.png

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55da593c885b287fb2800a52282fc4e76a4a7153fb4d60488e7137ae0dafe10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16359
vary: Accept-Encoding
content-length: 3876
last-modified: Wed, 14 Apr 2021 22:10:46 GMT
server: cloudflare
x-frame-options: *
etag: "d6b34557b31d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3b04da04e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 logo-grupo.png
static.eldeber.com.bo/assets/eldeber/build/img// 1 KB
1 KB 25ms
19ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo/assets/eldeber/build/img//logo-grupo.png

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0b914b56dfc2f9e791a89a0f1168c966cffbc39010f60197d36e965adeb8a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4918
vary: Accept-Encoding
content-length: 1272
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3b05dc14e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 iso.png
static.eldeber.com.bo/assets/eldeber/build/img/ray/ 260 B
358 B 22ms
19ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo/assets/eldeber/build/img/ray/iso.png

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b626a8abe1ea98d365cafbd4de2ae43f3d012abffdf052b6cab9160acb27472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21297
vary: Accept-Encoding
content-length: 260
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3b05dc34e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 logo.png
static.eldeber.com.bo/assets/eldeber/build/img/ray/ 1 KB
2 KB 29ms
24ms Image
image/png 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo/assets/eldeber/build/img/ray/logo.png

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba87af37dd315379fcd30b169176db6cef0cde052bacc4dbf556d8c72f7f33ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25609
vary: Accept-Encoding
content-length: 1450
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3b06de44e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 materialdesignicons-webfont.woff2
static.eldeber.com.bo//assets/ElDeber/build/fonts/MaterialDesignIcons/fonts/ 140 KB
140 KB 50ms
26ms Font
application/font-woff2 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/fonts/MaterialDesignIcons/fonts/materialdesignicons-webfont.woff2?v=2.6.95

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/fonts/MaterialDesignIcons/css/materialdesignicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9de126c86ab04e2444b1e461734eee399230551be4368e8ff6fe5de13ec1e62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Origin: https://eldeber.com.bo
Referer: https://static.eldeber.com.bo//assets/ElDeber/build/fonts/MaterialDesignIcons/css/materialdesignicons.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22080
vary: Accept-Encoding
content-length: 143004
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3b08c57c303-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 D-Din.woff2
static.eldeber.com.bo//assets/ElDeber/build/fonts/DDin/ 20 KB
21 KB 38ms
14ms Font
application/font-woff2 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/fonts/DDin/D-Din.woff2

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b210fad6e9eaa120e032bb945a2e4cf30dece4de3657ec0dc42732ba472740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Origin: https://eldeber.com.bo
Referer: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23030
vary: Accept-Encoding
content-length: 20744
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3b08c59c303-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 D-Din-Bold.woff2
static.eldeber.com.bo//assets/ElDeber/build/fonts/DDin/ 22 KB
22 KB 42ms
18ms Font
application/font-woff2 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo//assets/ElDeber/build/fonts/DDin/D-Din-Bold.woff2

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9007288706aafe9616f96be4e856fe91722056c40ea579bbfcd95993a6e82e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Origin: https://eldeber.com.bo
Referer: https://static.eldeber.com.bo//assets/ElDeber/build/css/main.min.css?v=262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23030
vary: Accept-Encoding
content-length: 22052
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: "0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3b08c5bc303-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 14ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eldeber.com.bo
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 199018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:52:18 GMT

GET
H2 200 rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2
fonts.gstatic.com/s/dmseriftext/v5/ 24 KB
24 KB 12ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmseriftext/v5/rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Serif+Text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97371649f7e7778d7508b1e33b59b907f5ddf6b194bc209ddcfe6d88d75d2436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eldeber.com.bo
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 02:45:40 GMT
x-content-type-options: nosniff
age: 213816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24256
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:14:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 02:45:40 GMT

GET
H2 200 neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
fonts.gstatic.com/s/sourceserifpro/v11/ 19 KB
20 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v11/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Serif+Pro:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97816b3ca3d676b5241a16fd6fb3f3e4050a3b99c914f0a66f0bcc074617ba80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eldeber.com.bo
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 08:57:43 GMT
x-content-type-options: nosniff
age: 191493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19956
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:48:47 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 08:57:43 GMT

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v11/ 21 KB
21 KB 13ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v11/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Serif+Pro:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b365f9b216aaa185d338b3d83f9c7ceda2fe7d56564a5efc047e98505a0f0048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eldeber.com.bo
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 21:42:00 GMT
x-content-type-options: nosniff
age: 232036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:41:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 21:42:00 GMT

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v11/ 20 KB
21 KB 13ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v11/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Serif+Pro:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94192424866461cfb1b0e1684654325dd00e5581cbb395d507d613bbb22fdbf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eldeber.com.bo
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:52:57 GMT
x-content-type-options: nosniff
age: 198979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20948
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:47:59 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:52:57 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 341 KB
133 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lf3XpkUAAAAAGhR-HaFAJCC9l2iEX9WQdAYz1rR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eldeber.com.bo
Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 03:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 03:20:17 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 160ms
48ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:17 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=12160
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5d9b2b637daed7ad/ 3 KB
932 B 62ms
61ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5d9b2b637daed7ad/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e8ba18a674065c09346e3644a7d591211cdd12e6e895ebfdc1baefd28e6860d1

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:17 GMT
content-encoding: gzip
etag: -1765917745--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=42, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 755

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame D42F 416 B
798 B 55ms
55ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1625058934.29122"
last-modified: Wed, 30 Jun 2021 12:53:14 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Thu, 08 Jul 2021 14:09:17 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1625753357~rv=8~id=06561f6950a697488eb9961caf4beb77; path=/; Expires=Thu, 08 Jul 2021 14:09:17 GMT; Secure; SameSite=None

GET
H/1.1 200
OK ZWxkZWJlci5jb20uYm8= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
461 B 180ms
57ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/ZWxkZWJlci5jb20uYm8=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 14:09:17 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1835
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 25d1f7de05cfac63a2639b05e442b77e
Content-Length: 15
Expires: Thu, 08 Jul 2021 14:39:52 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
452 B 67ms
61ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=5.9773455906514394
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:17 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sat, 07 Aug 2021 14:09:17 GMT

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame BFA9 319 KB
103 KB 9ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Feldeber.com.bo
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eldeber.com.bo/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 578462
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Jul 2021 14:09:17 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6760)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 lastnews.min.js Show response
static.eldeber.com.bo//assets/_default/build/js/component/ 2 KB
951 B 18ms
17ms Script
application/javascript 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo//assets/_default/build/js/component/lastnews.min.js?v=262

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/js/_libs.min.js?v=262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004b9089238529155eca3dbfabeccec457d2228a4027e0aa4daca7252fcdd585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36996
vary: Accept-Encoding
last-modified: Wed, 07 Jul 2021 02:36:26 GMT
server: cloudflare
x-frame-options: *
etag: W/"0b1f2e1d872d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 66b9e3b539c54e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 / Show response
eldeber.com.bo/auth/checklogin/ 19 B
114 B 153ms
153ms XHR
application/json 38.131.2.17
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://eldeber.com.bo/auth/checklogin/

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/js/_libs.min.js?v=262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

38.131.2.17 Miami, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

78734487541493e9162a1fdfbff9e579ca7f5a8b00604d25f55cd662714444d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: __atuvc=1%7C27; __atuvs=60e7070dcf9c819c000
:path: /auth/checklogin/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: eldeber.com.bo
referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
date: Thu, 08 Jul 2021 14:09:17 GMT
x-frame-options: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
content-length: 19

GET
H2 200 donald_trump.jpg
static.eldeber.com.bo//Files/Original/sites/eldeber/img/2018/01/13/ 132 KB
132 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//Files/Original/sites/eldeber/img/2018/01/13/donald_trump.jpg

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ea59d63457097325222e236da47dbc8cb0075bc7dae3e905b6a5aae86bcc021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15587
vary: Accept-Encoding
content-length: 134949
last-modified: Wed, 05 Jun 2019 20:49:52 GMT
server: cloudflare
x-frame-options: *
etag: "2754239e01bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3b5caf54e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
cf-bgj: h2pri

GET
H2 200 renderMenu Show response
eldeber.com.bo/asset/ 1 KB
773 B 154ms
153ms XHR
text/html 38.131.2.17
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://eldeber.com.bo/asset/renderMenu?type=1

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/js/_libs.min.js?v=262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

38.131.2.17 Miami, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a93e05934784b068b86d43136ad78e8eea35a21048a9209d0dfb7e2e5cd3ed1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: __atuvc=1%7C27; __atuvs=60e7070dcf9c819c000
:path: /asset/renderMenu?type=1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: eldeber.com.bo
referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
content-length: 659
last-modified: Thu, 08 Jul 2021 04:08:17 GMT
server: Microsoft-IIS/10.0
x-frame-options: *
date: Thu, 08 Jul 2021 14:09:17 GMT
vary: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=31499939
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
expires: Fri, 08 Jul 2022 04:08:18 GMT

GET
H2 200 renderMenu Show response
eldeber.com.bo/asset/ 314 B
316 B 155ms
154ms XHR
text/html 38.131.2.17
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://eldeber.com.bo/asset/renderMenu?type=2

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/js/_libs.min.js?v=262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

38.131.2.17 Miami, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a551108e994e0751be2d5b1c2e21238ba9207996d3f2f572cd7c7ffe1bc433a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: __atuvc=1%7C27; __atuvs=60e7070dcf9c819c000
:path: /asset/renderMenu?type=2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: eldeber.com.bo
referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
content-length: 268
last-modified: Thu, 08 Jul 2021 04:08:17 GMT
server: Microsoft-IIS/10.0
x-frame-options: *
date: Thu, 08 Jul 2021 14:09:17 GMT
vary: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=31499939
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
expires: Fri, 08 Jul 2022 04:08:18 GMT

GET
H2 200 mstags.json Show response
static.eldeber.com.bo/services/ 24 B
187 B 499ms
498ms XHR
application/json 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.eldeber.com.bo/services/mstags.json?cache=202168169

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/js/_libs.min.js?v=262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d53207b63b3b5f70b655ab0853a47a045adf91144ffc034f5027f84924410f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:18 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 24
last-modified: Wed, 23 Dec 2020 19:54:20 GMT
server: cloudflare
x-frame-options: *
etag: "4943a76765d9d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400,public
accept-ranges: bytes
cf-ray: 66b9e3b5fd98c303-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

GET
H2 200 GetByCity Show response
eldeber.com.bo/Service/ 2 KB
2 KB 158ms
153ms XHR
application/json 38.131.2.17
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://eldeber.com.bo/Service/GetByCity?city=Santa%20Cruz

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/js/_libs.min.js?v=262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

38.131.2.17 Miami, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1b0dcbdf1aed1622cea1642d7f0aa83a1efccf14932dc53d2a23910f9d1cb86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: __atuvc=1%7C27; __atuvs=60e7070dcf9c819c000
:path: /Service/GetByCity?city=Santa%20Cruz
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: eldeber.com.bo
referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 08 Jul 2021 14:08:48 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
date: Thu, 08 Jul 2021 14:09:17 GMT
x-frame-options: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=270
vary: *
content-length: 2277
expires: Thu, 08 Jul 2021 14:13:48 GMT

POST
H2 200 / Show response
eldeber.com.bo/asset/SetCountView/ 0
30 B 158ms
158ms XHR
text/plain 38.131.2.17
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://eldeber.com.bo/asset/SetCountView/

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/js/_libs.min.js?v=262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

38.131.2.17 Miami, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

sec-fetch-mode: cors
origin: https://eldeber.com.bo
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: __atuvc=1%7C27; __atuvs=60e7070dcf9c819c000
content-length: 76
:path: /asset/SetCountView/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: eldeber.com.bo
referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
date: Thu, 08 Jul 2021 14:09:17 GMT
x-frame-options: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
content-length: 0

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 50 KB
19 KB 158ms
59ms Script
text/javascript 13.224.193.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-54.fra2.r.cloudfront.net
Software: /
Resource Hash: 5e0aeb27ad5ec940a7b1049848d9ac96fcc00a34653745b7796d695f9f25f508

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:04:07 GMT
content-encoding: gzip
cheq_headers_order: Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
age: 7510
etag: "c62f-zfp6hy/A0Hu4xWYKZo/YBOKVxgM"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA2-C1
content-length: 19216
x-amz-cf-id: LBlDjRZhAp9EDf2AfH__qGrwqnfS5vAEKa_GO-YZtUxEbFufw6IbaA==
expires: Fri, 09 Jul 2021 00:04:07 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=762685529&t=pageview&_s=1&dl=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&ul=en-us&de=UTF-8&dt=Actriz%20porno%20cobr%C3%B3%20por%20callar%20relaci%C3%B3n%20con%20Trump%20%7C%20EL%20DEBER&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1078890279&gjid=1728114452&cid=1964188886.1625753358&tid=UA-388621-1&_gid=1955227138.1625753358&_r=1&gtm=2wg770L4CK&z=1524373464

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 39EE 38 KB
19 KB 31ms
30ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3XpkUAAAAAGhR-HaFAJCC9l2iEX9WQdAYz1rR&co=aHR0cHM6Ly9lbGRlYmVyLmNvbS5ibzo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=p66iqu5nu3jt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

85bc8b741f9a0c97f1c7ee6315ea4691df5d25670c3213237172773a04c63754

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U6vKIEMwVAM1FVo36/UyGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lf3XpkUAAAAAGhR-HaFAJCC9l2iEX9WQdAYz1rR&co=aHR0cHM6Ly9lbGRlYmVyLmNvbS5ibzo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=p66iqu5nu3jt
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=218=dri__rcex6BiWCsxa2QPmV7GPkQjJcpBtqzwD71J_EJfVLU1qPZlsS41YrzfX_RZKn16mR1k7gulmuwqJNlxlftX0Af49M9VsNYZ3Km2Cf_wiNOcZnZ44LmPdshxAs4vdX6gXL8Fq_6zWa0woACrAKx8gKBWJubVOi3DsyAjodM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Jul 2021 14:09:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-U6vKIEMwVAM1FVo36/UyGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19674
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 62ms
60ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 08 Jul 2021 14:09:18 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3-29 200 pubads_impl_2021070101.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
114 KB 120ms
53ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jul 2021 08:37:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117092
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:18 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 79 KB
31 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-L4CK

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb5b7b664ee27b00154e949bbf1a17baa472b0527fef1a18a2e88532342342b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32161
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Jul 2021 14:09:18 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 57ms
35ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=215197908804&input_token&origin=1&redirect_uri=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/es_LA/all.js?hash=d25dbe77c01d318bfb823379b0abda11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 1Z3vrWfAbtTEM1yWVxKh/UOaC8TYA2Kkpg+ZZ/gvRXNTPyh81aAL2QptVdsRNv11nrj4l+UGNyL0tR4epullsA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Jul 2021 14:09:18 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eldeber.com.bo
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/platform/scribe_endpoint.php/ 67 B
1003 B 59ms
41ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/platform/scribe_endpoint.php/?c=jssdk_error&m=%7B%22appId%22%3A%22%22%2C%22error%22%3A%22legacy_status_init%22%7D

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Origin: https://eldeber.com.bo
Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 5mwsiEm8HgQDY6TjP8f9l8uys2H7VKpz+pXuVWFcFYHO7OA4Ly12g2gt21zJsboOdtKlyjnu8eaBKFu/10wz2g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 08 Jul 2021 14:09:18 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 GetLastNews Show response
eldeber.com.bo/widget/ 5 KB
2 KB 155ms
154ms XHR
text/html 38.131.2.17
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://eldeber.com.bo/widget/GetLastNews?categoryId=1004&from=0&to=5&authorId=0

Requested by

Host: static.eldeber.com.bo
URL: https://static.eldeber.com.bo//assets/ElDeber/build/js/_libs.min.js?v=262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

38.131.2.17 Miami, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3b759dcc210d8b466a8c3074a0d0c6245f5343fbab3677a36737045160a1dee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: __atuvc=1%7C27; __atuvs=60e7070dcf9c819c000; _ga=GA1.3.1964188886.1625753358; _gid=GA1.3.1955227138.1625753358; _gat_UA-388621-1=1
:path: /widget/GetLastNews?categoryId=1004&from=0&to=5&authorId=0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: eldeber.com.bo
referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-aspnet-version: 4.0.30319
content-length: 1725
last-modified: Thu, 08 Jul 2021 14:08:56 GMT
server: Microsoft-IIS/10.0
x-frame-options: *
date: Thu, 08 Jul 2021 14:09:18 GMT
vary: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=278
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
expires: Thu, 08 Jul 2021 14:13:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-388621-1&cid=1964188886.1625753358&jid=1078890279&gjid=1728114452&_gid=1955227138.1625753358&_u=YEBAAAAAAAAAAC~&z=347040360

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Jul 2021 14:09:18 GMT
content-type: text/plain
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
149 B 17ms
15ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0FPSTK97ZJ&gtm=2oe770&_p=762685529&sr=1600x1200&_gaz=1&ul=en-us&cid=1964188886.1625753358&_s=1&dl=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&dt=Actriz%20porno%20cobr%C3%B3%20por%20callar%20relaci%C3%B3n%20con%20Trump%20%7C%20EL%20DEBER&sid=1625753358&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0FPSTK97ZJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
stats.g.doubleclick.net/g/ 0
17 B 32ms
16ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0FPSTK97ZJ&cid=1964188886.1625753358&gtm=2oe770&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0FPSTK97ZJ
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0FPSTK97ZJ&cid=1964188886.1625753358&gtm=2oe770&aip=1&z=1499142112

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame D42F 610 B
993 B 58ms
57ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1625058934.993134"
last-modified: Wed, 30 Jun 2021 12:53:14 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Thu, 08 Jul 2021 14:09:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1625753358~rv=87~id=fe71d67003ba6d7648c62bc3cd6967bd; path=/; Expires=Thu, 08 Jul 2021 14:09:18 GMT; Secure; SameSite=None

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
72 B 22ms
21ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-388621-1&cid=1964188886.1625753358&jid=1078890279&_u=YEBAAAAAAAAAAC~&z=734502576

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 21ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-388621-1&cid=1964188886.1625753358&jid=1078890279&_u=YEBAAAAAAAAAAC~&z=734502576

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 5 KB
4 KB 400ms
194ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=03258228903120919086162940978121147091712068202116128482001762187070&nc=0&tsf=0&tsfmi=&pv=0&cb=1625753358699&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDU3MzNdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiNDYs%0D%0AWEh4ZzFqMHpFbEFRd0oxUUVja3Z6b3ZiY0FJWlNFRWpBaEpJUVFCd2dsOUY0Q0JBZ1FXZ2lkMExI%0D%0AQkJlT0dqYnZYM3FZeU02Lyt2enZTN0dvWEd3aC8rYk1samJUeWFvN09QZiJdLFstMywiW10iXSxb%0D%0ALTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJnYXBpXCIsXCJfX19qc2xcIixc%0D%0AImluaXRBZHNOdW1iZXJcIixcInRyb25jYWxcIixcInZlcnRpY2FsXCIsXCJmYkFwcElkXCIsXCJw%0D%0AdWJsaWNLZXlSZWNhcHRjaGFcIixcInVybEFwaUZyb250ZW5kXCIsXCJnZXRHbG9iYWxTdGF0aWND%0D%0Ab25maWd1cmF0aW9uXCIsXCJnZXRHbG9iYWxTdGF0aWNJbWFnZUNvbmZpZ3VyYXRpb25cIixcImFj%0D%0AY2Vzc1R5cGVcIixcInZlcnNpb25TdGF0aWNcIixcImRhdGFMYXllclwiLFwiZ29vZ2xlQXBwSWRc%0D%0AIixcImVuYWJsZWRHb29nbGVTaWduSW5cIixcIm9uU2lnbkluXCIsXCJmYkFzeW5jSW5pdFwiLFwi%0D%0AY2F0ZWdvcnlOYW1lXCIsXCJzb3VuZENsb3VkSWZyYW1lXCIsXCJhc3NldElkXCIsXCJvc2FwaVwi%0D%0ALFwiZ2FwaXhcIixcImdhZGdldHNcIixcImlmcmFtZXJcIixcIl9fZ2FwaV9qc3RpbWluZ19fXCIs%0D%0AXCJzaGluZGlnXCIsXCJUb29sYmFyQXBpXCIsXCJpZnJhbWVzXCIsXCJJZnJhbWVCYXNlXCIsXCJJ%0D%0AZnJhbWVcIixcIklmcmFtZVByb3h5XCIsXCJJZnJhbWVXaW5kb3dcIixcImdvb2dsZWFwaXNcIixc%0D%0AImdvb2dsZV90YWdfbWFuYWdlclwiLFwiRkJcIixcImdvb2dsZV90YWdfZGF0YVwiLFwiR29vZ2xl%0D%0AQW5hbHl0aWNzT2JqZWN0XCIsXCJnYVwiLFwiJFwiLFwialF1ZXJ5XCIsXCJTZWFyY2hJbmRleFwi%0D%0ALFwiQmxvb2Rob3VuZFwiLFwiU2x1Z2lmeVwiLFwiRm9ybVZhbGlkYXRpb25cIixcIm1vbWVudFwi%0D%0ALFwialF1ZXJ5QnJpZGdldFwiLFwiRXZFbWl0dGVyXCIsXCJtYXRjaGVzU2VsZWN0b3JcIixcImZp%0D%0Aenp5VUlVdGlsc1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTks%0D%0AIi0iXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixc%0D%0AIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiLFwidHdpdHRl%0D%0AcjpkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjow%0D%0ALjAxMzA3MTg5NTQyNDgzNjYwMn0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0x%0D%0AOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAw%0D%0ALDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0y%0D%0AMCwiMTk2NDE4ODg4Ni4xNjI1NzUzMzU4Il0sWy0yMSwibkc0ZEFabVEiXSxbLTIyLCJbXCJuXCIs%0D%0AXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjox%0D%0ANjEwMDAwMCxcInVqaHNcIjoxNTIwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlsw%0D%0ALDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMiXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIs%0D%0AMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEs%0D%0AInRydWUiXSxbLTMyLCIyIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTYyNTc1MzM1ODQy%0D%0AOSwtMl0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0iXSxbLTM4LCJpLC0xLC0x%0D%0ALDE5NTQsMCwwLDAsMCwwLDcwNSw4NDAsMCwzNDQ2LjEsMzg2MC44LDQ4MzAsNDgzMSJdLFstMzks%0D%0AIltcIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGws%0D%0AbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3%0D%0AMjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDAxMTEwMTEwMCJdLFstNDQsIjAsMCww%0D%0ALDUiXSxbLTQ1LCI2MjAsMCwwLDAsMCwwLDc2MiwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAs%0D%0AMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXVyb3BlL0Jlcmxpbixl%0D%0Abi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiwzODhdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A1043%2C%22y%22%3A2115%2C%22w%22%3A366%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=v06zo9ODLh&sdd=%7B%7D&pto=5108
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 56c6ce9bec7419c555c18ca415e7c0985bd1ae0955a928cf6cba3eac553891c0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:19 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length: 3336
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 client.es.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 142ms
52ms XHR
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.es.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

007276382e4e3f77c660fb7488fec524a21f7893a736db96dca415012a25075e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-e9d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Thu, 08 Jul 2021 14:09:18 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1753

GET
H2 200 pw.js Show response
cdn.lavoz.com.ar/sites/default/files/libs/paywall/eldeber/ 377 KB
119 KB 248ms
58ms Script
application/javascript 152.199.23.105
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lavoz.com.ar/sites/default/files/libs/paywall/eldeber/pw.js

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.105 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/371E) /

Resource Hash

974d566c42b758b3ce9e5f7a93113c1fd3944544149789d55235bd85ab9eeda8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:19 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 00:25:00 GMT
server: ECAcc (lhd/371E)
age: 580746
etag: "5f4d94dc-5e2db+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
expires: Thu, 15 Jul 2021 14:05:13 GMT
cache-control: max-age=604800, public
x-owner: La Voz del Interior S.A.
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 121613
x-proxy-cache: HIT 237

GET
H2 200 disminuyen-las-esperanzas-de-encontrar-supervivientes.-foto-ap-ne_1900853298_15x10.jpeg
static.eldeber.com.bo//Files/Sizes/2021/7/8/ 680 B
823 B 14ms
12ms Image
image/jpeg 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//Files/Sizes/2021/7/8/disminuyen-las-esperanzas-de-encontrar-supervivientes.-foto-ap-ne_1900853298_15x10.jpeg

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f861a95d110870c42d0b4063d179ebc6a5c548ea8251f41c68a3323ae75b411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 953
vary: Accept-Encoding
content-length: 680
last-modified: Thu, 08 Jul 2021 13:41:56 GMT
server: cloudflare
x-frame-options: *
etag: "1c6d15ff73d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3bcdc424e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
cf-bgj: h2pri

GET
H2 200 importada-feed_1899504861_15x10.jpg
static.eldeber.com.bo//Files/Sizes/2021/7/8/ 705 B
842 B 19ms
17ms Image
image/jpeg 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//Files/Sizes/2021/7/8/importada-feed_1899504861_15x10.jpg

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ada6642bd3d992a0ba5344658c617bcc44e865482e6f926f0fea523f879cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2236
vary: Accept-Encoding
content-length: 705
last-modified: Thu, 08 Jul 2021 13:19:27 GMT
server: cloudflare
x-frame-options: *
etag: "e845ede0fb73d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3bcec444e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
cf-bgj: h2pri

GET
H2 200 importada-feed_1899442298_15x10.jpg
static.eldeber.com.bo//Files/Sizes/2021/7/8/ 699 B
821 B 18ms
17ms Image
image/jpeg 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//Files/Sizes/2021/7/8/importada-feed_1899442298_15x10.jpg

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ae0271348480e1d72977b02b723d53bb25c74f624e3bb17b8dfb13652870db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2236
vary: Accept-Encoding
content-length: 699
last-modified: Thu, 08 Jul 2021 13:18:25 GMT
server: cloudflare
x-frame-options: *
etag: "3a7a2bbfb73d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3bcec454e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
cf-bgj: h2pri

GET
H2 200 importada-feed_1899001111_15x10.jpg
static.eldeber.com.bo//Files/Sizes/2021/7/8/ 682 B
803 B 14ms
13ms Image
image/jpeg 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//Files/Sizes/2021/7/8/importada-feed_1899001111_15x10.jpg

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2354b7e6ff4b5a17fc52381e3f42e767aa56eff7005d65f229993978a1f2ac5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3077
vary: Accept-Encoding
content-length: 682
last-modified: Thu, 08 Jul 2021 13:11:04 GMT
server: cloudflare
x-frame-options: *
etag: "eb62b3b4fa73d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3bcec474e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
cf-bgj: h2pri

GET
H2 200 importada-feed_1899008704_15x10.jpg
static.eldeber.com.bo//Files/Sizes/2021/7/8/ 698 B
819 B 13ms
12ms Image
image/jpeg 2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//Files/Sizes/2021/7/8/importada-feed_1899008704_15x10.jpg

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7683dfa55cc876b564c2d2deb44e0566181393fdc84e4ab459c7695a785ff0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3280
vary: Accept-Encoding
content-length: 698
last-modified: Thu, 08 Jul 2021 13:11:11 GMT
server: cloudflare
x-frame-options: *
etag: "36ff30b9fa73d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3bcec5d4e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
cf-bgj: h2pri

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 511ms
124ms XHR
application/json 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1625753358946&sessionId=b420ecf6-a971-5350-408a-593961423bba&url=eldeber.com.bo&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:19 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 62a33a82cf729f12e1718275f69cc059
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 28 KB
11 KB 365ms
263ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&idx=0&rand=37500&key=NANOWDGT01&widgetJSId=SB_3&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=b420ecf6-a971-5350-408a-593961423bba&fdu=eldeber.com.bo&px=1043&py=2749&vpd=1549&cw=366&ts=1625753358965&settings=true&recs=true&version=2000374&sig=nG4dAZmQ&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf45534e3774c86de9c6063f222a0bb72016bf74ae95dfa174ea9fbb0c1016a2

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:19 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.78
x-cache-hits: 0, 0
x-traceid: 4bcedc386e867205943d1a81a009dff3
content-encoding: gzip
content-length: 10413
x-served-by: cache-lga21978-LGA, cache-fra19162-FRA
x-timer: S1625753359.095489,VS0,VE217
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 39EE 52 KB
25 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3XpkUAAAAAGhR-HaFAJCC9l2iEX9WQdAYz1rR&co=aHR0cHM6Ly9lbGRlYmVyLmNvbS5ibzo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=p66iqu5nu3jt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 14:03:59 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 39EE 341 KB
133 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 03:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 03:20:17 GMT

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/
Redirect Chain

https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDNI:1x1!/ED-NI&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trum...
https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDNI:1x1!/ED-NI&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con...

58 B
378 B

59ms
57ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDNI:1x1!/ED-NI&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 3127260f7a114d5b99000373002a2eecd53e34e19c0e9f9109fe96bf0000f583

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:19 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:19 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 58
x-sid: AMS-747

Redirect headers

date: Thu, 08 Jul 2021 14:09:19 GMT
server: openresty
access-control-allow-origin: https://eldeber.com.bo
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDNI:1x1!/ED-NI&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-747

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/
Redirect Chain

https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDN1x1:1x1!/EDN1x1&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-t...
https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN1x1:1x1!/EDN1x1&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-...

60 B
380 B

58ms
57ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN1x1:1x1!/EDN1x1&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 8ef19791fe4a6cdc23a5a645f382a2e830cef3b0f75f32a7e756dcb29b4df896

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:19 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:19 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 60
x-sid: AMS-747

Redirect headers

date: Thu, 08 Jul 2021 14:09:19 GMT
server: openresty
access-control-allow-origin: https://eldeber.com.bo
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN1x1:1x1!/EDN1x1&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-747

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/
Redirect Chain

https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDN01:728x90!/EDN01&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-...
https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN01:728x90!/EDN01&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion...

59 B
379 B

64ms
63ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN01:728x90!/EDN01&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 473a846f81f40f69461b9d84ee754f7f0fae8cb6bffa947ae97482d8567b03cf

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:19 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:19 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 59
x-sid: AMS-747

Redirect headers

date: Thu, 08 Jul 2021 14:09:19 GMT
server: openresty
access-control-allow-origin: https://eldeber.com.bo
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN01:728x90!/EDN01&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-747

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/
Redirect Chain

https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDN08:160x600!/EDN08&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con...
https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN08:160x600!/EDN08&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacio...

59 B
379 B

63ms
63ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN08:160x600!/EDN08&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: a5492c99e920c93dff325db29083a8110030187b57b75b485a9fcd1a9bedf522

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:19 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:19 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 59
x-sid: AMS-747

Redirect headers

date: Thu, 08 Jul 2021 14:09:19 GMT
server: openresty
access-control-allow-origin: https://eldeber.com.bo
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN08:160x600!/EDN08&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-747

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/
Redirect Chain

https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDN09:160x600!/EDN09&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con...
https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN09:160x600!/EDN09&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacio...

59 B
379 B

65ms
62ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN09:160x600!/EDN09&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 1bbb0320e0ae771b52075c1abea12433af4feadb34b56ba0fa3f7f510658a469

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:19 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:19 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 59
x-sid: AMS-747

Redirect headers

date: Thu, 08 Jul 2021 14:09:19 GMT
server: openresty
access-control-allow-origin: https://eldeber.com.bo
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/25aa4/78777691/eldeber.com.bo/ROS?ct=1&rnd=0.15198520425366513&e=EDN09:160x600!/EDN09&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753359&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-747

GET
H2 200 settings Show response
syndication.twitter.com/ Frame BFA9 256 B
442 B 304ms
217ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a80970df9b6f46c82c58d7f7e88164cc705304cd

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Feldeber.com.bo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:18 GMT
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 14:09:19 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 90d8e03e5e03a8be378d841447cdb88af48d9faea92463d1f8341005dba9c34a
content-length: 176

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
295 B 245ms
240ms XHR
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
last-modified: Thu, 08 Jul 2021 14:00:00 GMT
server: nginx/1.15.8
date: Thu, 08 Jul 2021 14:09:19 GMT
content-type: application/json
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame 39EE 102 B
202 B 17ms
17ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3XpkUAAAAAGhR-HaFAJCC9l2iEX9WQdAYz1rR&co=aHR0cHM6Ly9lbGRlYmVyLmNvbS5ibzo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=p66iqu5nu3jt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 08 Jul 2021 14:09:19 GMT

GET
H2 200 m.js Show response
cheqzone.b-cdn.net/ 10 KB
4 KB 589ms
53ms Script
text/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cheqzone.b-cdn.net/m.js?v=30
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE1-713 /
Resource Hash: b14463d5ba2d89151d1e1c0913eae5f190f4b64703726e682d43d1ac2b97edde

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: br
cdn-edgestorageid: 756
cdn-storageserver: DE-169
cdn-cachedat: 2021-07-08 12:44:48
cdn-pullzone: 47782
last-modified: Sun, 01 Mar 2020 11:55:08 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: 2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control: public, max-age=43200
cdn-requestid: 6176b2c9304f9801a2b6bc6f168ff425
cdn-requestcountrycode: PL
cdn-requestpullsuccess: True

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
324 B 127ms
126ms XHR
application/json 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1625753359684&sessionId=b420ecf6-a971-5350-408a-593961423bba&url=eldeber.com.bo&cheqSource=1&cheqEvent=2&responseTime=1840
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:19 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 4fcf1aa61ba1232f18c8197942ed03a
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
135 B 105ms
104ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001368ebc030e9448f949225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7dfe1474ab9488bbd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d277c5dbeaf48dbae21a2fa428e3b8ab2e0734be8567c4b011e7454408815a5f8684c38681eb923bce6a88deb3da28ea282c64842378c0c2c04e24d4ba22ab52b0c6169676fb7e181e55ca31ff439cd0be71f8df78c012e188dcdc77c2584962b15e191e715e72c1a12eb744c2dc8c3cea8c68ed9c219583e4fe6d82fff552763189ea504ad8a7464a05faefe33ffb6487b903b1fd6af039fd71fa56dd14d4aa2edb0873b1bc9867232d22567b480349b8eb8f70c040eb5744282ae4b74fda841b0cf7a4dcb8ba70dfebe4fa9afbaef257523afb479aab5f6e825f781dd767416c6ff07bb36b1fc2e9ac7f9833c52f99df59dfa41fcb6905203c1039428ecae0c72e3800d85e10d7a086feee8e0a5bc9a2b739d48a2667ca91522e63f9dc&cb=1625753359684&cri=v06zo9ODLh
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:19 GMT
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type: image/gif
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
853 B 459ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 457ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
7 KB 965ms
961ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2111938832436997&correlator=1123133900882845&output=ldjh&impl=fifs&eid=31061756&vrg=2021070101&ptt=17&sc=1&sfv=1-0-38&ecs=20210708&iu_parts=78777691%2CEDN01%2CEDN08%2CEDN09%2CED-NI%2CEDN1x1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=320x100%7C728x90%7C970x90%2C120x600%7C160x600%2C120x600%7C160x600%2C1x1%2C1x1&ists=2&cookie_enabled=1&bc=31&abxe=1&lmt=1625753355&dt=1625753359848&dlt=1625753356264&idt=2751&frm=20&biw=1600&bih=1200&oid=3&adxs=640%2C35%2C1445%2C0%2C0&adys=247%2C197%2C197%2C4471%2C4470&adks=1809865468%2C3475700167%2C623587834%2C4215088161%2C488741405&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C120x1%7C120x1%7C1600x4818%7C1600x4471&msz=320x-1%7C120x0%7C120x0%7C1600x0%7C1x-1&ga_vid=1964188886.1625753358&ga_sid=1625753360&ga_hid=762685529&ga_fc=false&fws=4%2C4%2C4%2C0%2C0&ohw=1600%2C1600%2C1600%2C0%2C0&btvi=0%7C0%7C0%7C1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7af62401dc5271452d467abe72982e59a0157c6d847b66a2a6b8b166e058ede5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,5552837964,5389356439
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,138332933063,138313352760
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FBB0 6 KB
3 KB 34ms
13ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 08 Jul 2021 14:09:20 GMT
expires: Fri, 08 Jul 2022 14:09:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ob_logo_16x16.png
widgets.outbrain.com/images/widgetIcons/ 1 KB
2 KB 58ms
54ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.png
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 77f703c4f140a4a24d0fb351cc4e36716ccc4e7c5cac201f28b09a31d5f84f67

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
last-modified: Thu, 10 Jun 2021 10:07:44 GMT
server: AkamaiNetStorage
etag: "96dd1eed1ecd3297bab335082e4a072e:1623321656.76441"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 1524
expires: Sat, 07 Aug 2021 14:09:20 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 59ms
55ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
last-modified: Thu, 10 Jun 2021 10:07:44 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1623321643.048214"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sat, 07 Aug 2021 14:09:20 GMT

GET
H2 200 rnCu-xZa_krGokauCeNq1wWyWfqFXUIJ.woff2
fonts.gstatic.com/s/dmseriftext/v5/ 10 KB
10 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmseriftext/v5/rnCu-xZa_krGokauCeNq1wWyWfqFXUIJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Serif+Text

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af3f977bffbdb7acbec32706fe43f897fcaecbb50638a9c701389e76aec3c246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eldeber.com.bo
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 04:05:07 GMT
x-content-type-options: nosniff
age: 209053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10432
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:13:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:05:07 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 554ms
136ms Fetch
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=ad471a14ab1c1f313a1538d2122dea05_26892_1625753359256&tm=2630&eT=0&widgetWidth=366&widgetHeight=572&widgetX=1043&widgetY=2749&tpcs=1&wRV=2000374&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: gzip
X-TraceId: 6b7e077322a36c59b4c66fb26d52949d
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 3298 16 KB
6 KB 68ms
55ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 03756393a5bd0a892eca673f2c8bd7d6e8f72b3d667e8dfe912d13bf4c1e0edf

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "969a8e0424552ce44cc1188280e497e5:1625574515.546906"
last-modified: Tue, 06 Jul 2021 12:28:24 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Fri, 09 Jul 2021 14:09:20 GMT
date: Thu, 08 Jul 2021 14:09:20 GMT
content-length: 5500
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1625753360~rv=89~id=da4630f3c687dee1b99a27e2f62c92eb; path=/; Expires=Thu, 08 Jul 2021 14:09:20 GMT; Secure; SameSite=None

GET
H2 200 get Show response
odb.outbrain.com/utils/ 4 KB
2 KB 149ms
147ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&idx=1&rand=3513&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&t=YWQ0NzFhMTRhYjFjMWYzMTNhMTUzOGQyMTIyZGVhMDU=&adblck=false&abwl=false&clss=MKFeusaVB0sLVNLsXCKuz3rD%2FXhvNdy3dzxA5BAqxSonngTvyWkcKfkmB9yyYnup0WDgq8eA%2Bc4rvwH9&px=799&py=4203&vpd=3003&ts=1625753360156&settings=true&recs=true&version=2000374&sig=nG4dAZmQ&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dc9df82be86f8060ed72f3efb177a1898f63d938b68058c7b0262667ce07f996

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1625753360.186531,VS0,VE100
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 157.52.117.24
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: 2fc827bf215e2833f405ea56946a6f9d
content-encoding: gzip
content-length: 1890
x-served-by: cache-lga21924-LGA, cache-fra19162-FRA

GET
H2 200 eyJpdSI6ImU1ODEyZmU3YjY1MTQ0MmRiNTcyM2Q3MDliM2IwNWQ3MmVlYmQzM2U4YzUyYmM0NDNjZjFkMmRjMjBjNGFjYmIiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 170ms
56ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU1ODEyZmU3YjY1MTQ0MmRiNTcyM2Q3MDliM2IwNWQ3MmVlYmQzM2U4YzUyYmM0NDNjZjFkMmRjMjBjNGFjYmIiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 758866bd00ac25c9ca912a72e7ba5e0f1bd9a3f28304b6d22a0b0fa3a5ca1b6a

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=1048826
last-modified: Thu, 18 Mar 2021 16:26:05 GMT
x-traceid: bb3f934683147f6b9cf47cb8ffee6cce
timing-allow-origin: *
content-length: 8308
content-type: image/webp

GET
H2 200 eyJpdSI6ImM3ZDY3ZWM2MjRiMDZiMDIyMThhOGZmNjMyZjk4YTJlZWVlNGVhMWNkOGMzOGI1MWZlMjY0NGVlMGMyYjczMzkiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 3 KB
3 KB 171ms
57ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM3ZDY3ZWM2MjRiMDZiMDIyMThhOGZmNjMyZjk4YTJlZWVlNGVhMWNkOGMzOGI1MWZlMjY0NGVlMGMyYjczMzkiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e9f44da67c624fd1331f6dbee8ae19ebf7d85889fbe480b5f8fb016825711e7

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=1866719
last-modified: Wed, 30 Jun 2021 14:54:00 GMT
x-traceid: 8248509901d58ba7ccc7ef9f0511c99a
timing-allow-origin: *
content-length: 2840
content-type: image/webp

GET
H2 200 eyJpdSI6Ijg1NWE3NjA3OWZlNTY4MDRhNzFhMjhkODYwMjhlMWYyMWNhMTFkOWY4NGVmYzE3M2EyODIxMWY2Zjc2YjcyOTQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 6 KB
6 KB 528ms
415ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg1NWE3NjA3OWZlNTY4MDRhNzFhMjhkODYwMjhlMWYyMWNhMTFkOWY4NGVmYzE3M2EyODIxMWY2Zjc2YjcyOTQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c01e461f961a9c3251f826352492e94e01948087044abf6665d74334e8f91aba

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=2462400
last-modified: Mon, 21 Jun 2021 06:35:20 GMT
x-traceid: d38add5ac6eaa4704ee65bfdb3e063e2
timing-allow-origin: *
content-length: 5678
content-type: image/webp

GET
H2 200 eyJpdSI6IjI1NjI2MzI1NzM3NDZlZTBlNTA2M2ZkYzg2Mzg4MmEzMGUzNTJkODc3NTQ5OTAyOWE4NGYxNDE5Njc0NzkzZWMiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 6 KB
6 KB 172ms
59ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI1NjI2MzI1NzM3NDZlZTBlNTA2M2ZkYzg2Mzg4MmEzMGUzNTJkODc3NTQ5OTAyOWE4NGYxNDE5Njc0NzkzZWMiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5da52842ffe445cffa09effec959e5b50c6b13c2b4e12c690594bd4b25074362

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=2108351
last-modified: Wed, 23 Jun 2021 08:46:51 GMT
x-traceid: fb782d1ed78e928d746e303d747c9741
timing-allow-origin: *
content-length: 6264
content-type: image/webp

GET
H2 200 eyJpdSI6IjJkNDE1ODgyMTk1MTFlM2VmYTU3Nzc2NGQ1NzdiZmU3YzliMTVlNGNlZmIzMDI2MTMxODBkMDhjYWQ5Y2FjNDIiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 9 KB
9 KB 184ms
72ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJkNDE1ODgyMTk1MTFlM2VmYTU3Nzc2NGQ1NzdiZmU3YzliMTVlNGNlZmIzMDI2MTMxODBkMDhjYWQ5Y2FjNDIiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7e18367e24645fc838b222bb8a2f9b22606b587147c100ca838849d0acb22375

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=1424738
last-modified: Sat, 19 Jun 2021 19:53:11 GMT
x-traceid: 589a39ef4b85c4017ab5b60497cc9e98
timing-allow-origin: *
content-length: 8920
content-type: image/webp

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 3298 1 KB
2 KB 136ms
45ms Script
application/javascript 13.225.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 13:55:52 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: kvQEKhPnU8A3Gz2A_i_JUT0ir4AjxzQijnAUyDzqyTxeohToMzk0sg==

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 130ms
130ms Fetch
application/json 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=07018b631995c77ec7dd09a341925079&pvId=ad471a14ab1c1f313a1538d2122dea05&sid=6240844&pid=26892&idx=1&wId=100&pad=0&org=0&tm=2874&eT=0&cnsnt=no_consent&widgetWidth=0&widgetHeight=0&widgetX=800&widgetY=4203&wRV=2000374&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:20 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 9fc821a9c228625df71fdd5072df17f4
Content-Length: 4
Expires: 0

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000374/module/ 53 KB
17 KB 60ms
60ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000374/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1e9f9a999e7bf5aa4f08f52b941986ab0ec3285ecd1c7c3cc8afdda598226456

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 12:53:14 GMT
server: AkamaiNetStorage
etag: "d15e5d3302d4519bc64d36c02997e0da:1625058841.046229"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 17465

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 6 KB
2 KB 213ms
205ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=2000374&apv=true&sig=nG4dAZmQ&format=html&rand=36715&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YWQ0NzFhMTRhYjFjMWYzMTNhMTUzOGQyMTIyZGVhMDU=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=1&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&clss=MKFeusaVB0sLVNLsXCKuz3rD%2FXhvNdy3dzxA5BAqxSonngTvyWkcKfkmB9yyYnup0WDgq8eA%2Bc4rvwH9&dpr=1&cw=0&wdr-natlaz=true&ts=1625753360448
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000374/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a53563d515e1380750dd1ce3643fe0f40633a3117adae0a1119cfee929045046

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1625753360.487323,VS0,VE159
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 157.52.117.41
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: f4f4ac06e2e7b1e579b503b8333d76b2
content-encoding: gzip
content-length: 1538
x-served-by: cache-lga21941-LGA, cache-fra19162-FRA

GET
H2

200

b2
sb.scorecardresearch.com/ Frame 3298
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=26892&cs_ucfr=1&ns__t=1625753360564&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2Fo...
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=26892&cs_ucfr=1&ns__t=1625753360564&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2F...

64 B
328 B

45ms
45ms

Image
image/gif

13.225.87.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=26892&cs_ucfr=1&ns__t=1625753360564&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D26892%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DPL&c9=https%3A%2F%2Feldeber.com.bo%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-8.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Z-0yTGdRTbajgwIRuniG5UOdSYLBo1uLXNqV17VzPi5UsTa5fgI7xw==

Redirect headers

date: Thu, 08 Jul 2021 14:09:20 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=26892&cs_ucfr=1&ns__t=1625753360564&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D26892%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DPL&c9=https%3A%2F%2Feldeber.com.bo%2F
content-length: 440
x-amz-cf-id: n9g9vMQu99OJU47hDJVUfs41DBFSDBdiJVbhUB-D-OVbUpGmLqEYnw==

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 124ms
124ms Fetch
application/json 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=39132aa89bcc932bc8d0e20b1149ba43&pvId=ad471a14ab1c1f313a1538d2122dea05&sid=6240844&pid=26892&idx=3&wId=972&pad=0&org=0&tm=3227&eT=0&cnsnt=no_consent&widgetWidth=0&widgetHeight=0&widgetX=800&widgetY=4203&wRV=2000374&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:20 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 1e0dd890c5a8cde4c71cccd464e22a6b
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
324 B 243ms
123ms Fetch
application/json 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=3c04194870f6cdf04002e61e33628f8a&pvId=ad471a14ab1c1f313a1538d2122dea05&sid=6240844&pid=26892&idx=4&wId=972&pad=0&org=0&tm=3235&eT=0&cnsnt=no_consent&widgetWidth=0&widgetHeight=0&widgetX=800&widgetY=4203&wRV=2000374&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:20 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 77881bf92b59042037eb7742406f6eb
Content-Length: 4
Expires: 0

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ 58 B
378 B 50ms
50ms XHR
application/json 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDHS:300x250!/EDHS&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753360&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 3bf0776889efe6a632ebcbc7df5c2ebae1b11c580064076f1edae41e6acbace1

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 58
x-sid: AMS-747

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ 59 B
379 B 50ms
49ms XHR
application/json 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDHSA:300x250!/EDHSA&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753360&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: a4cb9b9b53b298e257947b582e752b131bc6a9a158bfd2fa380b235629b59957

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 59
x-sid: AMS-747

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ 59 B
379 B 52ms
50ms XHR
application/json 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDHSB:300x250!/EDHSB&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753360&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 4ffed3cab99447796ac7e4d2cb14577c005b90c3dd0dfa0b5ab449bb4722ecf3

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 59
x-sid: AMS-747

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ 58 B
378 B 62ms
62ms XHR
application/json 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDC1:300x250!/EDC1&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753360&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: a78dc45cd6ff32228acf82c513e8c0b367d57c999ab1433f303d323b5536bb70

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 58
x-sid: AMS-747

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ 59 B
379 B 60ms
59ms XHR
application/json 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDHCA:300x600!/EDHCA&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753360&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 74c623f6ed52cd20324fa3649c01ae2f8dc96e574131be3315e1692a9850616e

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 59
x-sid: AMS-747

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ 59 B
379 B 58ms
54ms XHR
application/json 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDHCB:300x250!/EDHCB&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753360&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: f8c80862a8118a242ffd325663b56b8dfa5491ab50b0b9fec37d4ea692551141

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 59
x-sid: AMS-747

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ 60 B
380 B 55ms
54ms XHR
application/json 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/25aa4/78777691/eldeber.com.bo/ROS?rnd=0.15198520425366513&e=EDHLIA:970x250!/EDHLIA&fv=0&ur=https%3A//eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032&cb=hbepl.rH&ts=1625753360&tz=2&dc=1&srvtarg=&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by: Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ba32e9da1c89370cf40812b29d8e0da45408f5ba42cc2c0203d3cc96773605cc

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://eldeber.com.bo
expires: Thu, 08 Jul 2021 14:09:20 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 60
x-sid: AMS-747

GET
H2 200 comments.php
www.facebook.com/plugins/ Frame 81A7 0
0 33ms
32ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/comments.php?app_id=215197908804&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df79ec0b396f40c%26domain%3Deldeber.com.bo%26origin%3Dhttps%253A%252F%252Feldeber.com.bo%252Ff76a6a60177ab%26relation%3Dparent.parent&container_width=680&height=100&href=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&locale=es_LA&numposts=5&sdk=joey&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/es_LA/all.js?hash=d25dbe77c01d318bfb823379b0abda11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/comments.php?app_id=215197908804&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df79ec0b396f40c%26domain%3Deldeber.com.bo%26origin%3Dhttps%253A%252F%252Feldeber.com.bo%252Ff76a6a60177ab%26relation%3Dparent.parent&container_width=680&height=100&href=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&locale=es_LA&numposts=5&sdk=joey&width=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: Mdobmz+vrpcQaVZ1qMman5ZQ7xmKsuWc8A+9jjdPSIr5obZ5O54IbUs47ePCexiInyFri0FjNtebBxybmWYIPQ==
content-length: 0
date: Thu, 08 Jul 2021 14:09:20 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
122 B 44ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 41ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 191 KB
34 KB 654ms
653ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2111938832436997&correlator=1123133900882845&output=ldjh&impl=fifs&eid=31061756&vrg=2021070101&ptt=17&sc=1&sfv=1-0-38&ecs=20210708&iu_parts=78777691%2CEDHS%2CEDHSA%2CEDHSB%2CEDC1%2CEDHCA%2CEDHCB%2CEDHLIA&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=300x250%2C300x250%2C300x250%2C320x100%7C300x250%2C300x600%2C300x250%2C320x100%7C320x250%7C970x250&cookie_enabled=1&bc=31&abxe=1&lmt=1625753355&dt=1625753360826&dlt=1625753356264&idt=2751&frm=20&biw=1600&bih=1200&oid=3&adxs=508%2C508%2C508%2C1066%2C1076%2C1076%2C175&adys=1933%2C2612%2C3290%2C1246%2C2419%2C3446%2C4162&adks=3600664646%2C1874846859%2C312416820%2C283831026%2C1956455404%2C3601439646%2C3348266180&ucis=6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C1249x30&msz=300x-1%7C300x-1%7C300x-1%7C320x-1%7C300x-1%7C300x-1%7C1249x30&ga_vid=1964188886.1625753358&ga_sid=1625753360&ga_hid=762685529&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&btvi=3%7C4%7C5%7C6%7C7%7C8%7C9&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e192ecbc789775a111d89b3dca636cf5d3b9817c5db524c87ff9ce5b304c7aff

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPyWx5zT0_ECFdhT4AodgHMMag&gqi=&layout=/sadbundle/%24csp%253Der3%24/8872026185954013982/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP6Wx5zT0_ECFdhT4AodgHMMag&gqi=&layout=/sadbundle/%24csp%253Der3%24/3348909710090640555/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPyWx5zT0_ECFdhT4AodgHMMag&gqi=&layout=/sadbundle/%24csp%253Der3%24/8872026185954013982/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP6Wx5zT0_ECFdhT4AodgHMMag&gqi=&layout=/sadbundle/%24csp%253Der3%24/3348909710090640555/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
google-creative-id: 138229690099,-2,-2,-2,-1,-2,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34336
x-xss-protection: 0
google-lineitem-id: 4630282699,-2,-2,-2,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Thu, 08 Jul 2021 14:09:21 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ Frame D3BE 85 KB
30 KB 33ms
14ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1625753360.dop123.fr8.t,1625753360.cds237.fr8.hc,1625753360.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D3BE 136 KB
49 KB 58ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

692f07094fa90b48e27d608d35e20835a07e419c9719a3dfe7f9ca469cea2542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49115
x-xss-protection: 0
server: cafe
etag: 3014906620262155612
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 14:09:20 GMT

GET
H2

200

73164890.png
static.eldeber.com.bo//Files/Original/2019/11/8/ Frame D3BE
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssvQ86P6CuFVzhnPXGLKi-HH7jAY_vPjys93G-gi9wUtk1a9D_6h2K6BtmVtKKZUcDBTwPXtQMFOKcN6ijE6TI0kxI-DYfo7780ihucnEhk4tGC2Rf2q4yxn2pEPUif4hIfbuOBZ...
https://static.eldeber.com.bo//Files/Original/2019/11/8/73164890.png

3 KB
3 KB

22ms
19ms

Image
image/png

2606:4700:10::6816:3385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.eldeber.com.bo//Files/Original/2019/11/8/73164890.png

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3385 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb73633f1cee75d4647a4bca2be901f2cd7ee479434264a963f761b9cfe3ba4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10603
vary: Accept-Encoding
content-length: 2950
last-modified: Fri, 08 Nov 2019 16:18:46 GMT
server: cloudflare
x-frame-options: *
etag: "3a3832325096d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 66b9e3ca4bd14e79-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept,Authorization

Redirect headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://static.eldeber.com.bo//Files/Original/2019/11/8/73164890.png
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36E4 0
0 83ms
81ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1eBLO8tfrSL7D_Yhy5zHF97aMLmF-0DY-Rd6ZH_OboZODSWlgwsGHaygFufNT2gvgA6KckAYjLo2_Xa1aMrl66wTIU_eqXPB1D5PR-BH-SZn78XdBbSGPmMkvmdmv-QJHy3iVRBnyBN2ZN8PprFFEkkthuGaR7p0OeRQyVPfxZHFvO0F31piutgybL2eYMZlTvkhsp4N_rvl-S4KKy_I67I-6gozEwU8nbW5Q8uNgJRq972PcoUD19TyWKloqx4xZt2pt0AiIRP8pwaNKzaOpvVGPw2QcVFbVJJY3IfvjyK6zYCPyC7017SUai3Gv-g&sai=AMfl-YRXGZim2L88RyXEiCb0oH6RI7g9vDA6-WeTwINIkfgAryo75JFiT0StU3eoy9YGTfpJc8Rupj2NGfdDCw9erpbP8CX6KSSc1Mh2jWOrXFKz1lvRWsLuAzbhwX5QslI&sig=Cg0ArKJSzOJtT82wcQ9tEAE&urlfix=1&adurl=

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 08 Jul 2021 14:09:20 GMT

GET
H2 200 embed.min.js Show response
widget.playoncenter.com/newplayer/ifriendly/ Frame 36E4 26 KB
8 KB 39ms
9ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.playoncenter.com/newplayer/ifriendly/embed.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5e88101ac9d292a162c8310a3176c4ae596ee223995bf369b273dfa16225b7b5

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 14:09:20 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-77-nzt-ray: lnLK3Nhf7hQ=
age: 234
x-77-cache: HIT
x-cache: HIT
x-age: 17214
content-encoding: br
x-77-nzt: AcO1rzUPkX/vPkMAAA==
x-accel-expires: @1625822546
last-modified: Thu, 01 Jul 2021 15:16:56 GMT
server: CDN77-Turbo
etag: W/"6f54cbabd1187b280b22c014c203c137"
vary: Accept-Encoding
x-amz-version-id: W5H39npc2wOyZ2OthhxdLrzo3kycOt.r
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: 60_DuClFjefB8YOsEw15onnFw2Sf8eEkq6cABLhp0PVZ5l0XjmXXnQ==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36E4 123 KB
37 KB 24ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657928851490"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37883
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:20 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657948508962"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:20 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 50ms
19ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c0ef2287cabb4c07357f5925e6f8c95609e7abedc1194f70ecfeea5a65c7a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8414
x-xss-protection: 0

GET
H2 200 14349890576220819489
tpc.googlesyndication.com/simgad/ Frame D3BE 181 B
600 B 44ms
6ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14349890576220819489?

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd044d6a97f6816be28fec361201ee9325772590024e7e6a1a42dc5382fca74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 09:15:55 GMT
x-content-type-options: nosniff
age: 190406
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 181
x-xss-protection: 0
last-modified: Wed, 24 Apr 2019 02:53:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 09:15:55 GMT

GET
DATA 200
OK truncated
/ Frame D3BE 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 186b2a17199bc4ad58e6fde533780e39a9ca239e366c2b4b7a7d2e524559455f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 36E4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bbe3b818686f25a13de66f2b80a68c3450de51a68a6487eb37f6e830d2b6306

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36E4 0
0 136ms
77ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk-pE27frlLlZgem1RcO0RBOrmxLHDk2pLLnuCP9_kf9D20q-WA7ykR4oDORXbT8x3HMXy9Ys-1NOVFCM1P0W8NTCG8dnKG8WbFYWrDPNUqJCqRIVBUrl7KBpGzRkT8SvhiZLWO3pRUH_5buH2cQ8gwf0bqy6q3B8IMrPbaBmJZ0J5LQ3BDa9tbw3RhE8CzDbvVxYc5goGydMc7FOcczGJcLiPvsXCPmeg0XOduh_H2oYnMRLy-EkeQGpSnMIy0R8kvX0LR57BGk949OlG1KQXig-SQh3AuBj7Kueq_za1_AprzQ&sai=AMfl-YRIpFDSZgq8D1_wloy4XHf-5zpgTMwkTPMRZRFmtk8NVPR9GkUGfAbeMCzK4QeYk10oSO8QyiZG4k38CyAYn4zLilXnsrVFKpQjvuGCyrbAbIcgPIaJjFCS9KT1rnI&sig=Cg0ArKJSzCxs0M_g5UUbEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 08 Jul 2021 14:09:21 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:21 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/ Frame D3BE 240 KB
89 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8428628871273734&plah=eldeber.com.bo&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91041
x-xss-protection: 0
server: cafe
etag: 14008214618944263571
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 14:09:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/ Frame ADBA 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210624/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmVS1Vkc8j4sfo1shO2yqVcoB0iuQcwzlQjKGWuUTmG5zR8d5bF33I5Gjud4Ts
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Jul 2021 23:21:00 GMT
expires: Wed, 21 Jul 2021 23:21:00 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 53301
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 626F 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 08 Jul 2021 13:41:44 GMT
expires: Fri, 08 Jul 2022 13:41:44 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F4AD 783 B
535 B 25ms
24ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

86caceb93bfaf11f4e8418bef2904cde8d4dbc7bbcd5d9f973422d1cbf76aee2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kBIKCRmE8JOvueiLJDHYLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

expires: Thu, 08 Jul 2021 14:09:21 GMT
date: Thu, 08 Jul 2021 14:09:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-kBIKCRmE8JOvueiLJDHYLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D3BE 12 B
497 B 159ms
57ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=eldeber.com.bo&callback=_gfp_s_&client=ca-pub-8428628871273734&cookie=ID%3D492ee533efe2fc97-2274d8eb76c800a4%3AT%3D1625753359%3AS%3DALNI_MZ0KZ17e_oRSyD-nK7EwqD-VaHSBw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8428628871273734&plah=eldeber.com.bo&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame D3BE 107 B
853 B 53ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D3BE 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5AE7 98 KB
35 KB 485ms
482ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=90&slotname=1267735785&adk=4053359582&adf=3587945734&pi=t.ma~as.1267735785&w=728&lmt=1625753361&psa=0&format=728x90&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753361194&bpp=7&bdt=293&idt=128&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D492ee533efe2fc97-2274d8eb76c800a4%3AT%3D1625753359%3AS%3DALNI_MZ0KZ17e_oRSyD-nK7EwqD-VaHSBw&correlator=4954046509346&frm=21&ife=4&pv=2&ga_vid=1546502268.1625753361&ga_sid=1625753361&ga_hid=931107268&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&isw=1600&ish=95&ifk=3882173479&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=2832163948655094&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C95&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2jes12cz3kf&fsb=1&xpc=1947bmLcOf&p=https%3A//eldeber.com.bo&dtd=186

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

299a8167f5539ff84acf7b6f76851bb06f509ef244321afacc6214cf7a70ab31

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMu_5pzT0_ECFS6hUQodvPcHXA&gqi=EQfnYLqTGbLYsgK2ob-oAg&layout=/sadbundle/%24csp%253Der3%24/5646111312527115393/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8428628871273734&output=html&h=90&slotname=1267735785&adk=4053359582&adf=3587945734&pi=t.ma~as.1267735785&w=728&lmt=1625753361&psa=0&format=728x90&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753361194&bpp=7&bdt=293&idt=128&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D492ee533efe2fc97-2274d8eb76c800a4%3AT%3D1625753359%3AS%3DALNI_MZ0KZ17e_oRSyD-nK7EwqD-VaHSBw&correlator=4954046509346&frm=21&ife=4&pv=2&ga_vid=1546502268.1625753361&ga_sid=1625753361&ga_hid=931107268&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&isw=1600&ish=95&ifk=3882173479&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=2832163948655094&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C95&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2jes12cz3kf&fsb=1&xpc=1947bmLcOf&p=https%3A//eldeber.com.bo&dtd=186
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmVS1Vkc8j4sfo1shO2yqVcoB0iuQcwzlQjKGWuUTmG5zR8d5bF33I5Gjud4Ts
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMu_5pzT0_ECFS6hUQodvPcHXA&gqi=EQfnYLqTGbLYsgK2ob-oAg&layout=/sadbundle/%24csp%253Der3%24/5646111312527115393/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 08 Jul 2021 14:09:21 GMT
server: cafe
content-length: 35610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3BE 72 KB
27 KB 36ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657948508962"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:21 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3BE 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-8428628871273734&c=16&e=2570847921467975139&n=0&t=0&w=883&x=5

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js Show response
pagead2.googlesyndication.com/bg/ Frame 626F 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 07:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5747
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 07:16:51 GMT

GET
H3-29 200 container.html Show response
dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F16F 6 KB
3 KB 27ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 08 Jul 2021 14:09:20 GMT
expires: Fri, 08 Jul 2022 14:09:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 902C 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 08 Jul 2021 14:09:20 GMT
expires: Fri, 08 Jul 2022 14:09:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 48EF 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 08 Jul 2021 14:09:20 GMT
expires: Fri, 08 Jul 2022 14:09:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F16F 22 KB
7 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jul 2022 12:04:30 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F16F 136 KB
48 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83aa3ecb7b747db5d4b18b939eaf48357bf34fc839b041de1173ed1c3b6bef36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49111
x-xss-protection: 0
server: cafe
etag: 15935411871857926271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 14:09:21 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F16F 123 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657928851490"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37883
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:21 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 108 KB
19 KB 13ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/index.html

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0559099b0d5dc93dbacf2a4f4647475cae0c74fda32d1067db29943f2c902361

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/8872026185954013982/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 06 Jul 2021 08:52:50 GMT
expires: Wed, 06 Jul 2022 08:52:50 GMT
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 19413
age: 191791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 902C 0
0 96ms
91ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1HlVEAfnYPzON9ingQeA57HQBrnNjqVjrtmJ-c8M_t7F2rQdEAEgwbDsdGDp5MmF2BqgAYnGvbMCyAEJqQK3zHDGl0GkPuACAKgDAcgDCKoEugJP0IKWHHEPYb-9XltT2iM2D288xzlNjT_L4FmpwjheK8UVJzi4iUzls4imGnerQ_rM_7FExkRv0zCYW8lSN7jJRVbqj4LlxXMxn34q0O9QTPY8h1Tzrkszmv6wDWq54Lhyl8P6sq0_uNgDL3hJQf3hVNho5agYynCQOGMyxSOtOi9py3yyrjBwIhICKywOAyurkEHMGjUHJW6SePiE8sQ74mt9X1T66o-fwpKQ1nsZ3At-G3hC9nS3YVh8637pGO_W30qiduG4-Y4DaNF79wQr1w8Ls6szl1pzXojlrAlLS7cT9EX6GNnw7jxuM4oKJkOvkG-2v3JC6O4_wLvyRvdEGhnqvODZ_Bl2bJiHhM_iZR5LOoIJLueaGUKhVsIgREAHxHHvL0LQYD0RWIcDNI6Wd4fze98rGOATI8AE2oPr4aYD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9-5wswBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEKfnCtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTI5NzMwODUyODY5ODY2OYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi0yOTYwNzk1ODc2MjA2MjUz&sigh=t9S2Sh40lkA&template_id=419
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 902C 17 KB
7 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 14:08:34 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 902C 3 KB
1 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 14:08:37 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 902C 123 KB
37 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657928851490"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37883
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 902C 14 KB
6 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 14:09:12 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 902C 0
0 25ms
21ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwTBQiyoAZe3zgeBQB0p6_1Pv4HZaZv9uKnXbsyGaQ0JVsctXcq_4ImopgKWuhn5tmthnLnfTKHeAjOEIWIjWaqPmQaA
Requested by: Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 108 KB
19 KB 10ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/index.html

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e44421aff2827ea799f50b42ca6497acffe42f71a311d2980525192bb0dd4fad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/3348909710090640555/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 05 Jul 2021 21:07:49 GMT
expires: Tue, 05 Jul 2022 21:07:49 GMT
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 19433
age: 234092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 48EF 0
0 86ms
85ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZEXvEAfnYP7ON9ingQeA57HQBrnNjqVj9tqJ-c8M1t7F2rQdEAEgwbDsdGDp5MmF2BqgAYnGvbMCyAEJqQK3zHDGl0GkPuACAKgDAcgDCKoEugJP0HaOcaheaCAHsi5TXxSkHTgjC5WmAwnBD0uInTc1dPWSbUfBmZ70tx0IGIkBjl1x1BrZ1pGOw_sa-xONnmtPewUpZwYrn2gf2v-knj6r484FKhGlX9xyYs5PeN-z2xV9hEDy8eVMjBmhvOW0UKJoR26-N0a59as1sHTx1CBzkGBKo7yG4klwfBBQo3MKB7UI_1pMeBrDA5eVmiFQBfWmRQU1O2oEuuHU_pnrjyFnBO3o5dYDwTUW-5Ava4CvnnIBfPpkA2vvo6crqmDsoEbzLbPe8HmJ884O8dVbh_PpaxgwZLb2uhgd4pAe_m1NVTJHGNIVNt9_DcqvvewRKXSbQYdLfmVTV1lRf6e6kLLA3zPIRokoMgcjYiCVcaxYzjIjwROC_Cs_N2hTr3rBDtXuAi0lmJA4qtmE68AE2oPr4aYD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9-5wswBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELCECNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTI5NzMwODUyODY5ODY2OYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi0yOTYwNzk1ODc2MjA2MjUz&sigh=AMbDhrWOpXE&template_id=419
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 48EF 17 KB
7 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 14:08:34 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 48EF 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 14:08:37 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 48EF 123 KB
37 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657928851490"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37883
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 48EF 14 KB
6 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 14:09:12 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F16F 0
0 86ms
81ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvA6v4dzv0X8kVgGRDOScVavd8PlafeQ-S4fwWaaxZfmJeeTWOtYHa9RqGschvVMFKIeYqgLhFgBJIYFnBgJLHv7MvayFHn2103XGaF4Eu2--uODSLQwkWV3VdzTHFTF7VeSRQUoasehBHoVktHL4UI3sgbkLNQ6zdGKqCPZ-ulNzW1g2uhvDjiQ-mbl0FkY9g6eMadOo2VQhnMUVr4GiqBDMPWRFQqXfE2PVGlc1-Vhr-cUkL0W_gbLjPTc-Q68gAx873w9Z-zYjYTFCXU1XkItMJAOG7g_129s5RK7IlA9xwtQqGayu2m0nG1Rq4H&sig=Cg0ArKJSzI8ZH04KK5s7EAE&urlfix=1&adurl=

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame F16F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 861fe193370ceaf9cac223d12fa87c74fb5701edcbe64166ebb7925a65d17120

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3D4A 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn6ali4AkhNgnHRcvO6H8NwuTX_1uhru1j7RH3Z9qky-Ix6asbRxHeClFM1dS8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 08 Jul 2021 13:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 902C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d97913f09154a3af2d1337d5241697477b81b4d4e61a62d993bdda7e5279b06

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1AE2 143 B
163 B 11ms
10ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn6ali4AkhNgnHRcvO6H8NwuTX_1uhru1j7RH3Z9qky-Ix6asbRxHeClFM1dS8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 08 Jul 2021 13:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 48EF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a11b3e3bb590f42d500c01bcc5a269be3c1e9ce8f1ce8438d76d67615da172f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 inview.min.css
widget.playoncenter.com/newplayer/ifriendly/ 4 KB
1 KB 15ms
11ms Stylesheet
text/css 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.playoncenter.com/newplayer/ifriendly/inview.min.css
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/ifriendly/embed.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a6cb6aa21563738375691438210ff1014f8087918cebf6708375388b462d1b49

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 14:09:22 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-77-nzt-ray: GlSbAKDJUv4=
age: 291
x-77-cache: HIT
x-cache: HIT
x-age: 17171
content-encoding: br
x-77-nzt: AcO1rzWtlKbvE0MAAA==
x-accel-expires: @1625822591
last-modified: Fri, 30 Apr 2021 12:43:20 GMT
server: CDN77-Turbo
etag: W/"b9254ee1f781efb3f88069933bab66bd"
vary: Accept-Encoding
x-amz-version-id: YoXG9F1Mw8f6MD1AtwMT8MDzFVbo5S6v
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: ydjQhwjO6EQxiGTyxhHNT2TDwK7MmPCyOa_pRforULv8GeyNl8zqFQ==

GET
H2 200 code.min.js Show response
widget.playoncenter.com/newplayer/ifriendly/ Frame 02AC 5 KB
2 KB 8ms
8ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.playoncenter.com/newplayer/ifriendly/code.min.js
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/ifriendly/embed.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: dc1f73bb79877b91d1b01af29663794faea0b8db82954a0cd16ae8526ad76bea

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 14:09:22 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-77-nzt-ray: 44z7pUPvhg8=
age: 291
x-77-cache: HIT
x-cache: HIT
x-age: 17171
content-encoding: br
x-77-nzt: AcO1rzXTxB7vE0MAAA==
x-accel-expires: @1625822591
last-modified: Mon, 14 Jun 2021 09:53:17 GMT
server: CDN77-Turbo
etag: W/"393808c8cc88064589e108ce2dbdc6cb"
vary: Accept-Encoding
x-amz-version-id: W9cJqc2SpjSdxXzExrmdpbetrKStoWuF
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: dNAfxtxsOoLWsnmJB-0_gbRSh9IfbAiIPq3Zc8M6IlGE_0xV3EyNfQ==

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/ Frame F16F 240 KB
89 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8428628871273734&plah=dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91041
x-xss-protection: 0
server: cafe
etag: 14008214618944263571
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Jul 2021 14:09:22 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 449A 16 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 18:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 08 Jul 2021 18:13:47 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 449A 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 09 Jul 2021 12:37:33 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5DB9 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 18:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 08 Jul 2021 18:13:47 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5DB9 26 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 09 Jul 2021 12:37:33 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 5AE7 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=90&slotname=1267735785&adk=4053359582&adf=3587945734&pi=t.ma~as.1267735785&w=728&lmt=1625753361&psa=0&format=728x90&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753361194&bpp=7&bdt=293&idt=128&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D492ee533efe2fc97-2274d8eb76c800a4%3AT%3D1625753359%3AS%3DALNI_MZ0KZ17e_oRSyD-nK7EwqD-VaHSBw&correlator=4954046509346&frm=21&ife=4&pv=2&ga_vid=1546502268.1625753361&ga_sid=1625753361&ga_hid=931107268&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&isw=1600&ish=95&ifk=3882173479&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=2832163948655094&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C95&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2jes12cz3kf&fsb=1&xpc=1947bmLcOf&p=https%3A//eldeber.com.bo&dtd=186

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 14:08:34 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 5AE7 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 14:08:37 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AE7 123 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657928851490"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37883
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 5AE7 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 14:09:12 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5AE7 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzntdh4BkPQnkwfAtjE-0hFikpURXSrazLhuNRODBRQRXfY-Rrw9gLOOomaMyvVOG0Twh8RvCX9u7QEbowgjR9s3n0RQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=90&slotname=1267735785&adk=4053359582&adf=3587945734&pi=t.ma~as.1267735785&w=728&lmt=1625753361&psa=0&format=728x90&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753361194&bpp=7&bdt=293&idt=128&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D492ee533efe2fc97-2274d8eb76c800a4%3AT%3D1625753359%3AS%3DALNI_MZ0KZ17e_oRSyD-nK7EwqD-VaHSBw&correlator=4954046509346&frm=21&ife=4&pv=2&ga_vid=1546502268.1625753361&ga_sid=1625753361&ga_hid=931107268&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&isw=1600&ish=95&ifk=3882173479&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=2832163948655094&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C95&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2jes12cz3kf&fsb=1&xpc=1947bmLcOf&p=https%3A//eldeber.com.bo&dtd=186
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 0D90 92 KB
22 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dff01daed626ba5cceec848f483670a27c525643b6a3c26adb5796b668d1c253

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5646111312527115393/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 05 Jul 2021 20:43:01 GMT
expires: Tue, 05 Jul 2022 20:43:01 GMT
last-modified: Fri, 28 May 2021 09:13:00 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 22289
age: 235581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5AE7 0
0 51ms
43ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYJtaEQfnYIvzGa7CxgK875_gBbmOwYljr82r4YgO3-SivcABEAEg15TQEWCVAqAB3qfX2gPIAQmpAsxxhvWX07M-qAMByANIqgSUAk_QZrI657eqAfXJ9ZBtIJq2xJ5nK7HZIvbmNrZ3Nq0tNbFMdlvLe7i8p7P5Ki24v3HX_ClfHyrY8APsaDjr6mtHomMi0J2Ns7r5aAh9O35Y3HLsYU5ox8VgJtjksQuCI2--IcWamrUSoyNQVc2cvCewe9oyuj3Iw9MrYyRh46XIGCjuyNo-lMtfOmvL4OXjIulh50eiMwC0Bk6S4UIoCJp3jxXIpLG7cCYx3hff3FRQZ_nE9l4jdUwEnK6pz9SjzACqEq3HKO3gbBCDjmDtkjOR2oHYhjJpG-_P3A0RdGR-SSKuduB-DIV3cLbXFVSpwO2K1KWVVoPSLgMKM48jB3oyO3Lwu9ZRusyApd7c6NMas-S418AE7obI8ssDkgUECAQYAZIFBAgFGASgBi6AB4nZ1kOoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ-eAH0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTg0Mjg2Mjg4NzEyNzM3MzQ&sigh=Hs08CPpvNaY&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=90&slotname=1267735785&adk=4053359582&adf=3587945734&pi=t.ma~as.1267735785&w=728&lmt=1625753361&psa=0&format=728x90&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753361194&bpp=7&bdt=293&idt=128&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D492ee533efe2fc97-2274d8eb76c800a4%3AT%3D1625753359%3AS%3DALNI_MZ0KZ17e_oRSyD-nK7EwqD-VaHSBw&correlator=4954046509346&frm=21&ife=4&pv=2&ga_vid=1546502268.1625753361&ga_sid=1625753361&ga_hid=931107268&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&isw=1600&ish=95&ifk=3882173479&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=2832163948655094&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C95&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2jes12cz3kf&fsb=1&xpc=1947bmLcOf&p=https%3A//eldeber.com.bo&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 08 Jul 2021 14:09:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame F16F 107 B
122 B 47ms
21ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame F16F 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 584C 65 KB
23 KB 534ms
533ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=250&slotname=9848609800&adk=511856824&adf=776186307&pi=t.ma~as.9848609800&w=300&psa=0&format=300x250&url=https%3A%2F%2Feldeber.com.bo%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753362314&bpp=11&bdt=636&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=1723322934419&frm=24&ife=3&pv=2&ga_vid=1111780967.1625753363&ga_sid=1625753363&ga_hid=215811379&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1635435634&scr_x=-12245933&scr_y=-12245933&eid=31061662&oid=3&pvsid=1029752631104924&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.asa13x7a68ti&fsb=1&dtd=433

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a221fd28a3008a265e11595111451b8c78e91d1bc64ac33701398e8bb3a94e6

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLG2u53T0_ECFSagUQodSAkMJA&gqi=EgfnYKqtMaeB2fcP8IWwmAk&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8428628871273734&output=html&h=250&slotname=9848609800&adk=511856824&adf=776186307&pi=t.ma~as.9848609800&w=300&psa=0&format=300x250&url=https%3A%2F%2Feldeber.com.bo%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753362314&bpp=11&bdt=636&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=1723322934419&frm=24&ife=3&pv=2&ga_vid=1111780967.1625753363&ga_sid=1625753363&ga_hid=215811379&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1635435634&scr_x=-12245933&scr_y=-12245933&eid=31061662&oid=3&pvsid=1029752631104924&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.asa13x7a68ti&fsb=1&dtd=433
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn6ali4AkhNgnHRcvO6H8NwuTX_1uhru1j7RH3Z9qky-Ix6asbRxHeClFM1dS8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLG2u53T0_ECFSagUQodSAkMJA&gqi=EgfnYKqtMaeB2fcP8IWwmAk&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 08 Jul 2021 14:09:23 GMT
server: cafe
content-length: 23143
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F16F 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657948508962"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:22 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 91A8 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=90&slotname=1267735785&adk=4053359582&adf=3587945734&pi=t.ma~as.1267735785&w=728&lmt=1625753361&psa=0&format=728x90&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753361194&bpp=7&bdt=293&idt=128&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D492ee533efe2fc97-2274d8eb76c800a4%3AT%3D1625753359%3AS%3DALNI_MZ0KZ17e_oRSyD-nK7EwqD-VaHSBw&correlator=4954046509346&frm=21&ife=4&pv=2&ga_vid=1546502268.1625753361&ga_sid=1625753361&ga_hid=931107268&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&isw=1600&ish=95&ifk=3882173479&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=2832163948655094&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C95&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2jes12cz3kf&fsb=1&xpc=1947bmLcOf&p=https%3A//eldeber.com.bo&dtd=186
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn6ali4AkhNgnHRcvO6H8NwuTX_1uhru1j7RH3Z9qky-Ix6asbRxHeClFM1dS8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=90&slotname=1267735785&adk=4053359582&adf=3587945734&pi=t.ma~as.1267735785&w=728&lmt=1625753361&psa=0&format=728x90&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753361194&bpp=7&bdt=293&idt=128&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D492ee533efe2fc97-2274d8eb76c800a4%3AT%3D1625753359%3AS%3DALNI_MZ0KZ17e_oRSyD-nK7EwqD-VaHSBw&correlator=4954046509346&frm=21&ife=4&pv=2&ga_vid=1546502268.1625753361&ga_sid=1625753361&ga_hid=931107268&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&isw=1600&ish=95&ifk=3882173479&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=2832163948655094&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C95&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=4&bc=31&ifi=1&uci=1.m2jes12cz3kf&fsb=1&xpc=1947bmLcOf&p=https%3A//eldeber.com.bo&dtd=186

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 08 Jul 2021 13:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5AE7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e92656bda791924ef589b0d6edb6b72dad8ca01943bd0bbe5c91b5be0d3f960

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3D4A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

19ms
19ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn6ali4AkhNgnHRcvO6H8NwuTX_1uhru1j7RH3Z9qky-Ix6asbRxHeClFM1dS8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 08 Jul 2021 14:09:23 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 08-Jul-2021 15:09:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Jul 2021 14:09:23 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 08 Jul 2021 14:09:23 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1AE2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

23ms
23ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
URL: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn6ali4AkhNgnHRcvO6H8NwuTX_1uhru1j7RH3Z9qky-Ix6asbRxHeClFM1dS8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 08 Jul 2021 14:09:23 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 08-Jul-2021 15:09:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Jul 2021 14:09:23 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 08 Jul 2021 14:09:23 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 5AE7 0
20 B 63ms
42ms Other
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMu_5pzT0_ECFS6hUQodvPcHXA&gqi=EQfnYLqTGbLYsgK2ob-oAg&layout=/sadbundle/%24csp%253Der3%24/5646111312527115393/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0D90 672 B
455 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f4623db072ce1ab396e285ee6885ac3be5525853e0b795831201de566f7d384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 13:03:24 GMT
server: ESF
date: Thu, 08 Jul 2021 14:09:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jul 2021 14:09:23 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0D90 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 18:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 08 Jul 2021 18:13:47 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0D90 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 09 Jul 2021 12:37:33 GMT

GET
H2 200 style.min.css
widget.playoncenter.com/newplayer/css/ Frame 02AC 42 KB
7 KB 10ms
9ms Stylesheet
text/css 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.playoncenter.com/newplayer/css/style.min.css
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/ifriendly/code.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b0cf5158206ffd499dd97fed1ebed3a4619776f2b217774119e11c7aa0e572b3

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 14:09:23 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
x-77-nzt-ray: 55ektc+ZAos=
age: 291
x-77-cache: HIT
x-cache: HIT
x-age: 17171
content-encoding: br
x-77-nzt: AcO1rzXlCmvvE0MAAA==
x-accel-expires: @1625822592
last-modified: Thu, 22 Apr 2021 09:32:00 GMT
server: CDN77-Turbo
etag: W/"a978d1364f8ea4b836a9991ee0d5dceb"
vary: Accept-Encoding
x-amz-version-id: U_xBk5WgTwDo0H3X43gDWIWVuTgsvT2z
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: wayCDMuY9U_GpetaDw9CaD9PmkTRxPvYgn1TI8zg9nmI5aiWXbg0hQ==

GET
H2 200 mystyle.min.css
widget.playoncenter.com/newplayer/css/ Frame 02AC 13 KB
3 KB 10ms
9ms Stylesheet
text/css 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.playoncenter.com/newplayer/css/mystyle.min.css
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/ifriendly/code.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 53ca68561f8a79b91571146110c4c39f4135605dbf34f5d31a91317c4fa3f2f3

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 14:09:23 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-77-nzt-ray: eG7qIJ8NU+I=
age: 291
x-77-cache: HIT
x-cache: HIT
x-age: 17171
content-encoding: br
x-77-nzt: AcO1rzV/mPvvE0MAAA==
x-accel-expires: @1625822592
last-modified: Fri, 07 May 2021 12:10:26 GMT
server: CDN77-Turbo
etag: W/"7158b669130ef28bb14c9f61c6322014"
vary: Accept-Encoding
x-amz-version-id: 5aHqp.uKSQByyAevaPC4Y9NMaWvVlh3_
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: xRmz15__cqhm50BXVqPTWYuhTFszOYHPlWuagKxWNLh9ZTeR7h3Ukw==

GET
H2 200 context.standalone.min.css
widget.playoncenter.com/newplayer/css/ Frame 02AC 4 KB
1 KB 11ms
10ms Stylesheet
text/css 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.playoncenter.com/newplayer/css/context.standalone.min.css
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/ifriendly/code.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 79ea56e3e0f80a917a3b17f3d852e5d71755a11eee8737a7d9ca6a0fc11def67

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 14:09:23 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-77-nzt-ray: +0FQ7ZeAvnU=
age: 291
x-77-cache: HIT
x-cache: HIT
x-age: 190021
content-encoding: br
x-77-nzt: AcO1rzV+pLPvReYCAA==
x-accel-expires: @1657099342
last-modified: Thu, 15 Apr 2021 19:47:32 GMT
server: CDN77-Turbo
etag: W/"548d35262a51fde4fd7e4d4f87ab766f"
vary: Accept-Encoding
x-amz-version-id: G7n1zng8oucmRf31LdQpsnblyg09nzmh
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: 5VG_503AB4ORa6-O0k7gVUZrg1XXM-013xa6u6t4icHjBqNGEwBB9A==

GET
H2 200 12557.min.css
widget.playoncenter.com/newplayer/css/config/ifriendly/ Frame 02AC 3 KB
1 KB 11ms
10ms Stylesheet
text/css 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.playoncenter.com/newplayer/css/config/ifriendly/12557.min.css
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/ifriendly/code.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5983e827e154052ed408794c2a12d7f34ab01097c7c33f18615b9413d4817de6

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 14:09:23 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag: W/"a3da11c3b907b29779ba5f0d4298ea3f"
age: 1702712
x-77-cache: HIT
x-amz-storage-class: REDUCED_REDUNDANCY
x-cache: HIT
x-age: 16747
content-encoding: br
x-77-nzt: AcO1rzVpeLXva0EAAA==
x-accel-expires: @1625823016
last-modified: Fri, 23 Apr 2021 15:51:00 GMT
server: CDN77-Turbo
x-77-nzt-ray: ie0MjLCTOxs=
vary: Accept-Encoding
x-amz-version-id: w9QO.E9plTFYmG7wNdGlkeJcDpZpuOtm
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: sn3XssCzCNzSEXpQvvPVqACjhVnnY9zFJkcmLjw7hRAUkQVZXsGkWQ==
expires: Thu, 23 Jan 2020 13:02:52 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 02AC 85 KB
30 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/ifriendly/code.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 22:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Jul 2022 22:07:03 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0D90 2 KB
414 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a2dd21532e68bb69249e38f9f22315cd53843f618a78b6169c3ae64ac02294f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 13:19:57 GMT
server: ESF
date: Thu, 08 Jul 2021 14:09:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jul 2021 14:09:23 GMT

GET
H3-29 200 logo4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 957 B
987 B 16ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/logo4.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45c9753af41c4373747b5114628575e721f78dd296dcbb79ce319325628960dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 177340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 957
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 12:53:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 12:53:43 GMT

GET
H3-29 200 logo3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 984 B
1014 B 8ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/logo3.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e18990452c4660665ecc847701101844aca533110f763ad90a72c341c1df6639

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 195391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 984
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 07:52:52 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 07:52:52 GMT

GET
H3-29 200 logo2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 1 KB
1 KB 9ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/logo2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dd2fd43cbc6d06140d38548e76d09e8b592bad9d9ca0504232e567d0abaafb4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 186700
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1039
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 10:17:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 10:17:43 GMT

GET
H3-29 200 btn_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 1 KB
1 KB 19ms
19ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/btn_1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0595c528398a21b5b0b9cd47c7a627f3ca5be5d07a05257d51e32e0ec9bfb8fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 191792
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1170
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 08:52:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 08:52:51 GMT

GET
H3-29 200 logo1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 2 KB
2 KB 35ms
34ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/logo1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6f5ed735244dbcb93c0d840a067ee6fb5049e796ea63267154bee356bfc0eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 145257
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1937
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 21:48:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 21:48:26 GMT

GET
H3-29 200 t4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 2 KB
2 KB 38ms
9ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/t4.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8896ab96aab0cf27f6ddcc30b2b20b81aa4791467738c9dfc90f17a14592c713

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 177340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1663
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 12:53:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 12:53:43 GMT

GET
H3-29 200 t3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 3 KB
3 KB 77ms
60ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/t3.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dd24e0a366225f76f8cd4f950660310e3ae8e022e7dbe56a8208ac9790e836d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 195391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3030
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 07:52:52 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 07:52:52 GMT

GET
H3-29 200 el3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 13 KB
13 KB 76ms
59ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/el3.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1a287382a07f02dc8771c6275a8c4228a4883b53cb51df86848ef2f1bebff67

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 195391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13666
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 07:52:52 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 07:52:52 GMT

GET
H3-29 200 t2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 3 KB
3 KB 70ms
54ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/t2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

803b1692fd9c85b6632516b4e11109da8a5dd8c1f167baa520593a995726749b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 177340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2839
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 12:53:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 12:53:43 GMT

GET
H3-29 200 el2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 20 KB
20 KB 47ms
31ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/el2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd5bcc0f8cb9c8f203c993ac3a906de642d5ed8746bb76d8d2cb87b707d39c09

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 234089
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20514
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Mon, 05 Jul 2021 21:07:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 21:07:54 GMT

GET
H3-29 200 el1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 19 KB
19 KB 81ms
65ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/el1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fb2aa957d26b4f8aeed3219ca75fb78ea3fedfdd8d6ccf36e42b0d5d8421829

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 177340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19044
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 12:53:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 12:53:43 GMT

GET
H3-29 200 t1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 3 KB
3 KB 49ms
44ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/t1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09084a784878c6c9394f8cfd7b7d33937f0ce89a2589b2d386e4c94a74f91627

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 145257
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2597
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 21:48:26 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 21:48:26 GMT

GET
H3-29 200 bg2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 16 KB
16 KB 14ms
9ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/bg2.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2919b46841752622f3f4428cdea49b015e3cb258ccec4aefbcf6d447b8c4f34

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 195391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16269
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 07:52:52 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 07:52:52 GMT

GET
H3-29 200 bg1_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/ Frame 449A 6 KB
7 KB 89ms
85ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8872026185954013982/bg1_1.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d08aa06092acdb50cda8da7631e949c734ff672040b2b5d5232979ac89596fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 195391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6624
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:31 GMT
server: sffe
date: Tue, 06 Jul 2021 07:52:52 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 07:52:52 GMT

GET
H3-29 200 logo4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 1 KB
1 KB 20ms
9ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/logo4.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36397903584ea8b3f102fca9758ff05f5a180a13a6f819f11f8f4966a048ca4f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 192921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1108
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Tue, 06 Jul 2021 08:34:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 08:34:02 GMT

GET
H3-29 200 logo3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 1 KB
1 KB 16ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/logo3.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85ffc7a2ffb70ca4dc053dd89331706f5506a43301d98214fdbd16513287528

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 192921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Tue, 06 Jul 2021 08:34:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 08:34:02 GMT

GET
H3-29 200 logo2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 1 KB
1 KB 22ms
14ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/logo2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d775e28353e0652cedc190070e753c0414f897a9f5ae7bf52ad146c8289665ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 234093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1274
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Mon, 05 Jul 2021 21:07:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 21:07:50 GMT

GET
H3-29 200 btn_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 1 KB
1 KB 21ms
13ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/btn_1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb98681d6103144429920e83682e81717c3930c19c1e4cfe5e812e5a075cbf37

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 192921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1387
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Tue, 06 Jul 2021 08:34:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 08:34:02 GMT

GET
H3-29 200 logo1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 2 KB
2 KB 18ms
11ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/logo1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b201a6bbcc2736786fe2a75fee058a2f87ca2e3edde344e195f9fc08b13eb7e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 234093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2151
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Mon, 05 Jul 2021 21:07:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 21:07:50 GMT

GET
H3-29 200 t4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 5 KB
5 KB 18ms
10ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/t4.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b88a7c26990a50a713ec9a6f31fa8128b05c805e1933709b34dcb3cfd8bcb1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 192921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5280
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Tue, 06 Jul 2021 08:34:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 08:34:02 GMT

GET
H3-29 200 t3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 3 KB
4 KB 29ms
21ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/t3.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e62d1a634d0ce661d433179a120506e87f812a7339789899d8395fae013bd033

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 234093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3567
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Mon, 05 Jul 2021 21:07:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
expires: Tue, 05 Jul 2022 21:07:50 GMT

GET
H3-29 200 el3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 14 KB
14 KB 23ms
15ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/el3.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a55df048ccfc182ace0a4e5df7a0cba805dc9f62e98ee68601737e4e0ece0f9c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 192921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14363
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Tue, 06 Jul 2021 08:34:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 08:34:02 GMT

GET
H3-29 200 t2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 4 KB
4 KB 37ms
28ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/t2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b32d70e5fddcf04258980e20474ca1e96e1f938fdafc2cb5b6e9c74f6f41321

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 192921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3652
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Tue, 06 Jul 2021 08:34:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 08:34:02 GMT

GET
H3-29 200 el2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 18 KB
18 KB 36ms
26ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/el2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e9d1f0b1088aab5d79169246b47827261e6c987a4e5def66e55496b0fb6b36

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 186447
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18852
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Tue, 06 Jul 2021 10:21:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 10:21:56 GMT

GET
H3-29 200 el1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 14 KB
14 KB 34ms
25ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/el1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23939dd61d5e19424d8199ebb1899ac8d7787e1b98d25de8184faab521a2baaa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 192921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14758
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Tue, 06 Jul 2021 08:34:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 08:34:02 GMT

GET
H3-29 200 t1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 4 KB
4 KB 32ms
22ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/t1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0cfc3e7aaa254035c81c6509e0e3b6b4bc69340bcc5d5410c8114b1faa2689a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 103578
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3702
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Wed, 07 Jul 2021 09:23:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Jul 2022 09:23:05 GMT

GET
H3-29 200 bg2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 27 KB
27 KB 30ms
20ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/bg2.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21accf9b1f5dc5a260e9b3aef86a24f975f28e3a22c7122cf008a2d9e04fda76

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 192921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27314
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Tue, 06 Jul 2021 08:34:02 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 08:34:02 GMT

GET
H3-29 200 bg1_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/ Frame 5DB9 7 KB
7 KB 29ms
19ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3348909710090640555/bg1_1.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87be0db3511ad6477facd0bffc01046d1ce3807aa9c9fb3c80bc5ee1dacade85

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 103578
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7330
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 12:31:30 GMT
server: sffe
date: Wed, 07 Jul 2021 09:23:05 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Jul 2022 09:23:05 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 584C 3 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=250&slotname=9848609800&adk=511856824&adf=776186307&pi=t.ma~as.9848609800&w=300&psa=0&format=300x250&url=https%3A%2F%2Feldeber.com.bo%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753362314&bpp=11&bdt=636&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=1723322934419&frm=24&ife=3&pv=2&ga_vid=1111780967.1625753363&ga_sid=1625753363&ga_hid=215811379&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1635435634&scr_x=-12245933&scr_y=-12245933&eid=31061662&oid=3&pvsid=1029752631104924&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.asa13x7a68ti&fsb=1&dtd=433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 14:08:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 584C 123 KB
37 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625657928851490"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37883
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:23 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 584C 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 14:09:12 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame F1E4 223 KB
37 KB 18ms
11ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/17626451119355985920/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 05 Jul 2021 22:35:28 GMT
expires: Tue, 05 Jul 2022 22:35:28 GMT
last-modified: Mon, 03 May 2021 14:21:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 38330
age: 228835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 584C 0
0 25ms
20ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJT00EgfnYLHlMabAxgLIkrCgAuW2js5i_8r3gfYN29keEAEg15TQEWCVAqABlc_o8QPIAQmpArv2Fzkz2rM-qAMByAMCqgTVAU_QCaz536qJYtt1YNOjthxNHewPg8tIY5UcBB0SfRG87I-_ZKd-CJ9YRApl1rFNF97LEJM1HClBSKnljI9vjn0AwXeFx7uBWf7fjwsGfx0Gi7uxp2SJq-MwCGr4I5KY5pOyixo0Z9XSMoafPOJwmR3rgItcQA652T4DNbtWum4gEOKAmuUZSS_31GaskbY2tiOevVxvvWsh_BnjO3RclndJEQPLxecfxM9ZGvsAoX2UrcF0JJN1aCUEvSONELDV-x0N26l9uU3oZi-77uSA4OyVSmRONMAE2qyF2MsDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB9Owlw6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ0rYK0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBmBYBgBcBshcaChgIABIUcHViLTg0Mjg2Mjg4NzEyNzM3MzQ&sigh=lG1zy6iQz5U

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=250&slotname=9848609800&adk=511856824&adf=776186307&pi=t.ma~as.9848609800&w=300&psa=0&format=300x250&url=https%3A%2F%2Feldeber.com.bo%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753362314&bpp=11&bdt=636&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=1723322934419&frm=24&ife=3&pv=2&ga_vid=1111780967.1625753363&ga_sid=1625753363&ga_hid=215811379&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1635435634&scr_x=-12245933&scr_y=-12245933&eid=31061662&oid=3&pvsid=1029752631104924&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.asa13x7a68ti&fsb=1&dtd=433
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 08 Jul 2021 14:09:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:23 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27E3 143 B
226 B 12ms
9ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=250&slotname=9848609800&adk=511856824&adf=776186307&pi=t.ma~as.9848609800&w=300&psa=0&format=300x250&url=https%3A%2F%2Feldeber.com.bo%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753362314&bpp=11&bdt=636&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=1723322934419&frm=24&ife=3&pv=2&ga_vid=1111780967.1625753363&ga_sid=1625753363&ga_hid=215811379&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1635435634&scr_x=-12245933&scr_y=-12245933&eid=31061662&oid=3&pvsid=1029752631104924&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.asa13x7a68ti&fsb=1&dtd=433
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8428628871273734&output=html&h=250&slotname=9848609800&adk=511856824&adf=776186307&pi=t.ma~as.9848609800&w=300&psa=0&format=300x250&url=https%3A%2F%2Feldeber.com.bo%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625753362314&bpp=11&bdt=636&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=1723322934419&frm=24&ife=3&pv=2&ga_vid=1111780967.1625753363&ga_sid=1625753363&ga_hid=215811379&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1635435634&scr_x=-12245933&scr_y=-12245933&eid=31061662&oid=3&pvsid=1029752631104924&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.asa13x7a68ti&fsb=1&dtd=433

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 08 Jul 2021 13:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 react.min.js Show response
unpkg.com/react@15.6.1/dist/ Frame 02AC 23 KB
8 KB 87ms
56ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@15.6.1/dist/react.min.js

Requested by

Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/ifriendly/code.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af74f027e61e94ebbcfa38f8307e22ccf6e83a95ebf199816a58dc4d095d181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7204197
fly-request-id: 01F3CGRGYN2WRJY561QCA613XC
content-encoding: br
vary: Accept-Encoding
last-modified: Thu, 15 Jun 2017 00:00:25 GMT
server: cloudflare
etag: W/"5a00-o5VF6PlSJ4AB6+AC19vQL+G922c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 66b9e3dcaf9297a8-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D3BE 11 KB
8 KB 22ms
19ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210624&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f308d101d4746f76981cd277ad2fd1132831d1cbcc9ff6c3f33568f7b9ae34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8338
x-xss-protection: 0

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 584C 0
20 B 44ms
44ms Other
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLG2u53T0_ECFSagUQodSAkMJA&gqi=EgfnYKqtMaeB2fcP8IWwmAk&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 91A8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

17ms
17ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 08 Jul 2021 14:09:24 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 08-Jul-2021 15:09:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Jul 2021 14:09:24 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 08 Jul 2021 14:09:24 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D3BE 17 KB
6 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:24 GMT

GET
DATA 200
OK truncated
/ Frame 584C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d523be55290938270eb94f009b516a6df34173b5d52ef13b27815742ae09058

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5AE7 42 B
64 B 23ms
21ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuYQN0l3wCLoQFq-iZ0Ps9cCfBiYX1gVm5LG581VmzK8XOpYPiUy_WlKZoNpI9eCQDSxF-zlZPKwBlOn9CU8gqpUB79fL4Z-PrDEY3EYBqmZHfaIlVrCbH_p6wIWmOlXRouA3w0tzvcM9xSmcQo0qn&sai=AMfl-YSvEoiLrXbFcZZb02XknYm0NEq_sZVSWgURJDunWZDV00jQx1UZNISAScbCF3NG4ct-D2cacn9AorpVABy8-67L3yA-_TyM1LMTqkIAyBSKZnY9N4qFCm5ytNk&sig=Cg0ArKJSzIekANYj8EWGEAE&cid=CAASF-RooHHaHuDanRShR3OE9uxmfLTLZ10z&id=lidar2&mcvt=1052&p=5,436,95,1164&mtos=1052,1052,1052,1052,1052&tos=1052,0,0,0,0&v=20210707&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=4053359582&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625753361395&dlt=560&rpt=91&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D90 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 07:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5747
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 07:16:51 GMT

GET
H3-29 200 Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 0D90 5 KB
5 KB 8ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/Logo.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02ab9d3883933c49b321fb264b3e3a49630e5c7f10e6251fead1a76092a7903

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 214277
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5102
x-xss-protection: 0
last-modified: Fri, 28 May 2021 09:13:00 GMT
server: sffe
date: Tue, 06 Jul 2021 02:38:07 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 02:38:07 GMT

GET
H3-29 200 composing.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 0D90 42 KB
42 KB 9ms
9ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/composing.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a54881af4fc9b48716c5a62b0e245049b1195576e34bf01b3259deb347aece76

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 222824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42743
x-xss-protection: 0
last-modified: Fri, 28 May 2021 09:13:00 GMT
server: sffe
date: Tue, 06 Jul 2021 00:15:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:15:40 GMT

GET
H3-29 200 Bottom.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 0D90 14 KB
14 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/Bottom.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1711c534228fdd8f0d0a0a50b83b115c264b30340007236be0148fde08227c6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 167619
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14518
x-xss-protection: 0
last-modified: Fri, 28 May 2021 09:13:00 GMT
server: sffe
date: Tue, 06 Jul 2021 15:35:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 15:35:45 GMT

GET
H3-29 200 BG.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 0D90 35 KB
35 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/BG.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3da840f7a6235a91f38fcfaf0547093c7305d1c4e9a218b0797989fcba7e175

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 217416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35682
x-xss-protection: 0
last-modified: Fri, 28 May 2021 09:13:00 GMT
server: sffe
date: Tue, 06 Jul 2021 01:45:48 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 01:45:48 GMT

GET
H2 200 react-dom.min.js Show response
unpkg.com/react-dom@15.6.1/dist/ Frame 02AC 127 KB
37 KB 48ms
45ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@15.6.1/dist/react-dom.min.js

Requested by

Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/ifriendly/code.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

504aa7e7eb72cdecc3e80e4704c35395ce665e49adfa88537c204fb5731a19bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7100698
fly-request-id: 01F3FKF3Q8DH0BSJHKKRRTJ039
content-encoding: br
vary: Accept-Encoding
last-modified: Thu, 15 Jun 2017 00:00:27 GMT
server: cloudflare
etag: W/"1fcf5-bX8FhqxO4D+M48dqFAt8NmXUJVs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 66b9e3de388397a8-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame F1E4 2 KB
595 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2130554153fa8c200d17c28a5c70c3b0cf4bd9b4796d6e431c89c7f99417a1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 12:19:30 GMT
server: ESF
date: Thu, 08 Jul 2021 14:09:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jul 2021 14:09:24 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 65F8 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 08 Jul 2021 13:41:44 GMT
expires: Fri, 08 Jul 2022 13:41:44 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2908 783 B
534 B 27ms
25ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e24788a1fc59c9797a8bdc71b28603961cef40d99920e49df79ea474f08114ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sg1RSzd7wCkWiEseewvJ4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

expires: Thu, 08 Jul 2021 14:09:24 GMT
date: Thu, 08 Jul 2021 14:09:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-sg1RSzd7wCkWiEseewvJ4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F1E4 16 KB
6 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 18:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 08 Jul 2021 18:13:47 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F1E4 26 KB
10 KB 35ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 09 Jul 2021 12:37:33 GMT

GET
DATA 200
OK truncated
/ Frame 0D90 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 BG.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 0D90 35 KB
35 KB 38ms
9ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/BG.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3da840f7a6235a91f38fcfaf0547093c7305d1c4e9a218b0797989fcba7e175

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 217416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35682
x-xss-protection: 0
last-modified: Fri, 28 May 2021 09:13:00 GMT
server: sffe
date: Tue, 06 Jul 2021 01:45:48 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 01:45:48 GMT

GET
H3-29 200 Bottom.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 0D90 14 KB
14 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/Bottom.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1711c534228fdd8f0d0a0a50b83b115c264b30340007236be0148fde08227c6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 167619
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14518
x-xss-protection: 0
last-modified: Fri, 28 May 2021 09:13:00 GMT
server: sffe
date: Tue, 06 Jul 2021 15:35:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 15:35:45 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27E3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

19ms
14ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 08 Jul 2021 14:09:24 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 08-Jul-2021 15:09:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Jul 2021 14:09:24 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 08 Jul 2021 14:09:24 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame F1E4 23 KB
23 KB 31ms
22ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 05:37:01 GMT
x-content-type-options: nosniff
age: 203543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:37:01 GMT

GET
H3-29 200 N0bU2SZBIuF2PU_0DXR1.woff2
fonts.gstatic.com/s/bungee/v6/ Frame F1E4 17 KB
17 KB 21ms
13ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bungee/v6/N0bU2SZBIuF2PU_0DXR1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 02:33:11 GMT
x-content-type-options: nosniff
age: 214573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17268
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:47:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 02:33:11 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame F1E4 22 KB
22 KB 30ms
22ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 05:38:05 GMT
x-content-type-options: nosniff
age: 203479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:38:05 GMT

GET
H2 200 translatordata.js Show response
widget.playoncenter.com/newplayer/language/ Frame 02AC 13 KB
4 KB 19ms
12ms Script
text/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.playoncenter.com/newplayer/language/translatordata.js
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/ifriendly/code.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4f47e252095b314336d303f2e1acd31307e9dcc1f771f02eb5520dd2680e4a6e

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 14:09:24 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
etag: W/"c5d61d2de16ba5cb7c14787d1d11394e"
age: 1000
x-77-cache: HIT
x-amz-storage-class: REDUCED_REDUNDANCY
x-cache: HIT
x-age: 190021
content-encoding: br
x-77-nzt: AcO1rzX0gtTvReYCAA==
x-accel-expires: @1940923343
last-modified: Mon, 10 May 2021 08:42:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: Rw+aRhsPLII=
vary: Accept-Encoding
x-amz-version-id: HLDGv_cfh0Ydqwad_9Gl1EhsZ1rZ7g7f
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: 6BeJSVf5mPTJ0tV4COGNRqltzzi8g4veMpc7NRn2QkoeFQWRxv9XmQ==
expires: Thu, 10 Jun 2021 08:42:58 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
45ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021070101&jk=2111938832436997&bg=!3t2l3ZnNAAYo4NJEKOA7ACkAdvg8WvAn-OqwOrq0wbwjV_5-VLnEYM0rY83eSKAgkXnB64lra8TFOgIAAAmiUgAAAKpoAQcKAN3FTQQnjjaDBbNuVuCZjUo5cZJJLeALZ5AFdTszfvdk_Ddrjsul5VAc4bBUuopcCq_tHYnNXEY2l2pt013fEfG0yqUVorxyjAF-MO58sRin5YPhNyDf1DAS7Eo_gx4ZMfdNHatBnu1opn6NIaTf1aeQFt1HAZHQreUVZTV6ABvgr3o-rIu8-AGa7dTL17IA1GNr-423ZrJ6bGngeElggogZPIEbZtbIGXjSmsSIGviOY1SJ4q7GNTKep49EWT7QTPvqIjnU7xnF4ox752cZlA5qJwgKAmZQP-CrUlu36ZkCb75iKNMiS3dwfR9-KTdO2ewmlxw6fC8EeDjbOvELODJJltB5UF2fE3RsaguSiTb0oT1uoTeJvhM9RMyQU2lD6C2QOYcrnxp3ouyphci9Be0RdTHqUIK2fEdj8wjTOvUTtYRZKVUGUl2Sh-n5vC4x1wOYzvidGzDiPsiOzYoss2PEIB9qPKyXM_V8XhFy7opZGZyFE-kwnA8ovo2uTcVXshoNGJFnpzpquJLdHfCXqSU9LS-easRxnPO80zgoqo9iW1hQEN3vK8Zxzy0nMDX4hfsmLj1I2BAgWOgArXZf9F5S78vWGVx87FppsoLAt6UIpYkT2x9AXD7AcLDwZqhKecM4Yvbx9YEOipipD9mV3EnN7kP1QHoaTfMd4nLN9yaO54WOR_PcZzPUenPHgQwx3k06DLVIfCLQSBRbfZWasBRsidqybzEA2fHWnjWWDOawQcMDFWALFLGzu2a8eCSSSJsxvz2pM_t-106YI71Y7hsgd-14m4USEE6903q-ibO4RKRoOGqRiGw5dTwreLEL8sRilh90xmwcnl38NOOFtdcwAen7DF3a7Wl2t_LbLb8KKcM9Yg8dtuMq9B2hjLXzdoTZ9YXRTne4DnWlOrj13tzM6nwQhnivXQvbga5-8InuX0RdlwKVYvA-UU0sQ2eJk42xGbAc6pxTGq1wzc4Shn4t4N3yqGUVbTeziQ6UBbzTxYYZcaDNr5qrBmEX6pr7S1aPS5mWjcHHaMtjPrCKgILsGE2slucq32CUXl7vSsTyuxXo7da65lsAjgqdup9j5_HR_GaNqUnSN7uEzMrKOIe46emC0YFNWUykNqa_n_A1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F16F 0
0 208ms
81ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3u8Zlbub_Nz_phYW6jpYnCLkBcb1yFsN_PKGKg6kYhIK69CUklYK3Kne08MC-PPeAyDzdPJnVxBbNzRNMGPlrAZJzY38JULcbHCulPsENj4KMcxRlg0jwDFy2WLaByWbehY-8wWgUWUJ7oDnrqpwmvOfqy-rpLRSi6ALz-QuRFzLHZ9ekRofmrlPw_Leut6O9a5YxbMyQNRkoCKAfLGRYiFn8PIs5N2PLf9PeAPR94QnTp-nffbnHhwdDJEBUGybFQ9yrtdEtdvqaXbVDSOw5mlWKOGXu_1zQCszN5MhehqgA&sig=Cg0ArKJSzFZfID9gTjGHEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 08 Jul 2021 14:09:24 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F16F 11 KB
8 KB 25ms
20ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210624&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

149990eda174d0d9164c610131d1c1421667f9d932f8c73584d083f3c8a11157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8361
x-xss-protection: 0

GET
H2 200 player.compress.po.js Show response
widget.playoncenter.com/newplayer/js/ Frame 02AC 471 KB
89 KB 35ms
29ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/ifriendly/code.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 44dcb98425fb701f908dd73dbac6f977f2f4581563b51ff962d2dc58d4764305

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 14:09:24 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-77-nzt-ray: XvKFp16ZAzo=
age: 290
x-77-cache: HIT
x-cache: HIT
x-age: 17171
content-encoding: br
x-77-nzt: AcO1rzVHKUvvE0MAAA==
x-accel-expires: @1625822593
last-modified: Thu, 01 Jul 2021 15:16:58 GMT
server: CDN77-Turbo
etag: W/"32145cc83430ea321634167a5293d4c8"
vary: Accept-Encoding
x-amz-version-id: RmAYH_Y.JPnkn5ARymsOBdfTRXhF0FSR
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: Awg41TLAAUPdryzsYjTeLH20niEJd4s-r7XKsCbUoGjm6Noh8j5qlA==

GET
H3-29 200 yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js Show response
pagead2.googlesyndication.com/bg/ Frame 65F8 14 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 07:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5747
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 07:16:51 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F16F 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:24 GMT

GET
H3-29 200 null-leasing-logo-final_white_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame F1E4 2 KB
2 KB 29ms
15ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/null-leasing-logo-final_white_1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 214292
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1738
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 06 Jul 2021 02:37:52 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 02:37:52 GMT

GET
H3-29 200 autos_licht_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame F1E4 6 KB
6 KB 29ms
16ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos_licht_1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 183051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5867
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 06 Jul 2021 11:18:33 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 11:18:33 GMT

GET
H3-29 200 autos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame F1E4 48 KB
48 KB 46ms
38ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 181645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49113
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 06 Jul 2021 11:41:59 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 11:41:59 GMT

GET
H3-29 200 hintergrund_plain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame F1E4 30 KB
30 KB 27ms
23ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/hintergrund_plain.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 179540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30604
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 06 Jul 2021 12:17:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 12:17:04 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3738 12 KB
5 KB 20ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 08 Jul 2021 13:41:44 GMT
expires: Fri, 08 Jul 2022 13:41:44 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E0BD 783 B
536 B 17ms
16ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94b0f2dde386b19e2cbf47a890e5235646c5ec5723787d4e46038df397221c8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BKTAHHZhLe5+Yoi9KZqt7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/

Response headers

expires: Thu, 08 Jul 2021 14:09:24 GMT
date: Thu, 08 Jul 2021 14:09:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-BKTAHHZhLe5+Yoi9KZqt7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 02AC 339 KB
117 KB 43ms
15ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:25 GMT

GET
H2 200 / Show response
widget.playoncenter.com/webservice/video/12557/3003359/600/338/1/last/0/0/ Frame 02AC 3 KB
1 KB 39ms
15ms XHR
application/json 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.playoncenter.com/webservice/video/12557/3003359/600/338/1/last/0/0/?json=1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/5.3.29
Resource Hash: d6148fee4fe32d170514ae3e055ebd6439465f9a93ece4391e8bd465861b38bc

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 14:09:25 GMT
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
age: 2822
x-powered-by: PHP/5.3.29
x-77-cache: MISS
x-cache: MISS
content-encoding: br
x-77-nzt: AcO1rzWPL5uB
pragma: no-cache
server: CDN77-Turbo
x-77-nzt-ray: HC74HFDDRb4=
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: Accept, Accept-Language, Content-Type, Smartycenter-Api-Version
x-amz-cf-id: jlkD0EWl_Q9cla_BGc0IKiQt2o_2uNV0kZWIul1tLQx_7rb_vG0nww==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 5ecb7ecea7111f6ceb6363b1.meta.json Show response
cdn.vidcrunch.com/ Frame 02AC 3 KB
4 KB 240ms
61ms XHR
application/json 69.16.175.10
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5ecb7ecea7111f6ceb6363b1.meta.json?cache=862021
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Memphis, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b57139a86ad73af6f50be4ad57e6c8de7218d6622d3441e6796c00d0d9a6d961

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 14:09:25 GMT
Last-Modified: Thu, 17 Jun 2021 00:21:09 GMT
Server: AmazonS3
x-amz-request-id: 7PKFDKSKHS35WCWS
ETag: "8ae527bc7a5b0d96dcb3ba4fafa5c788"
X-HW: 1625753365.dop217.lo4.t,1625753365.cds275.lo4.shn,1625753365.dop217.lo4.t,1625753365.cds098.lo4.c
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=29760916
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3010
x-amz-id-2: Hm3nQktmaHpXwImqF5R669y1l0yuYfESoNZDkxxFFvPYehUd7qGsOHWkJKq9XB5x5RmMCZbbnGU=

GET
H3-29 200 yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js Show response
pagead2.googlesyndication.com/bg/ Frame 3738 14 KB
6 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yXHsSCk3YzWUbRvqoZHyxkpI6JVLQi3qNywtkCkXe5s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 07:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5747
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 07:16:51 GMT

OPTIONS
H/1.1 200
OK vinfo.php
ssp.api.tappx.com/cov/v1/COV34906PC1594909233/ Frame 0
0 157ms
52ms Preflight
application/json 35.204.47.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.api.tappx.com/cov/v1/COV34906PC1594909233/vinfo.php?key=test&cb=1603809238
Protocol: HTTP/1.1
Server: 35.204.47.73 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://eldeber.com.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 08 Jul 2021 14:09:25 GMT
content-type: application/json
transfer-encoding: chunked
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://eldeber.com.bo
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

POST
H/1.1 200
OK vinfo.php Show response
ssp.api.tappx.com/cov/v1/COV34906PC1594909233/ Frame 02AC 9 B
332 B 56ms
55ms XHR
application/json 35.204.47.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.api.tappx.com/cov/v1/COV34906PC1594909233/vinfo.php?key=test&cb=1603809238
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.204.47.73 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: fcb7f9541707070da99ccb825666ee9833f3ad568a14fcea88ccfc85aa44370b

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 08 Jul 2021 14:09:25 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://eldeber.com.bo
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK 5ecb7ecea7111f6ceb6363b1.thumbnail.png
cdn.vidcrunch.com/ Frame 02AC 742 KB
743 KB 215ms
55ms Image
image/png 69.16.175.10
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/5ecb7ecea7111f6ceb6363b1.thumbnail.png?cache=862021
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Memphis, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70ebb9144c5af4ee42974984bbca960806fc4d0e7aaf130b46d52e40cae3fc48

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 14:09:25 GMT
Last-Modified: Thu, 17 Jun 2021 00:21:09 GMT
Server: AmazonS3
x-amz-request-id: PDJ521FXNRAFQ0ZD
ETag: "391fe296ff612a75139708215bd9fc51"
X-HW: 1625753365.dop085.lo4.t,1625753365.cds254.lo4.shn,1625753365.dop085.lo4.t,1625753365.cds080.lo4.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=29672565
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 760099
x-amz-id-2: 6vZL6Yqvkc98iYn9vwfGhefbuXI8rC5Uv78hgXM7LqMp6wkR9/8CjW4bUTgLSfTX2Sgn/DUrIjI=

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3BE 0
20 B 48ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210624&jk=2832163948655094&bg=!GRqlGl7NAAYo4NJEKOA7ACkAdvg8WnOAe_nbY02pj_pvno0QXMfkfVoAjBBtY_7Pmhc_5SAbnkFG5QIAAAKlUgAAABxoAQcKAEmO5znFZzQQcQ7RQgflmeqifsX2Bw4KJkidW8J-i9zgvfA64OisU9I8rG2woSZyL9QuoVlxJ3o27D7IRNlBaJop5EuganmJ9jB2mQKiiescDJ_eOf7_Vd30YBKO8jVCvOVAfYkhietM-5octANqc20d5PndOAQTCRMnQj5FJhcOxJpIn7pGiQB81X4lFVjHbbnAzyZRE0zSIrcXrQK80UQoWNB2HHKgqfVivZ5zyqZW-hy7kgh2aA5c6mT1jjlycbscMn4r0NQ-vWqEkHa6G_bBh4OlAR_ScVni-nm_QDmdI8CDe1egkgDQ27xTs7e2Svf_Qc0Zep7xfctrntav0uMgPX-nv7RDWn7sYmUpUWXYzlLtkJFeWoAyNgbzE2G3n44pBy98ER8A4D-XveTtpnHbQXsLCJeNxl8xOdh5xPJTRKV6WKfzS4VE3FoANIbVjbv8zHEuLCmxvXk67oXBQx14qQRzTTjbGjcq4TO-Zy_IulrFJcwOLLL8_2ZB3iNx089U_zHoKOTLsZQBPAGvoUZoMeyVfJUOuWcULNdVvkg6IZaXo1mDtmWV0-w-wlmWVxfJekxiKKezO0OUVf9G2iFXQHdeFT9sk3vZb1Jvq3TV_jsbg8Es4VPCy6V3vpcc5DDcEnBSSug7ZcExaR5ykQM13l2f-vWIvnB4qePi4ggmg70ijbgz7yrpEoiT9AIxTGdmMhDCT5dDrggFNu3vs3ZFLpLLb0TDt07oePz6ZPNLZSXup723o2Chby0H4OK6ZHCVmxgJ9QRkmTc30VHSFnOsnwem5ztgFVFpq9_ylQ4gKnSyZGoLU2nmYJG6vG0y5WmGy5oJ8lHjkD1IJM_mw91gax-494qZhp0LMjrgvOPpGbXVKCSdZ41t1ZLg6Fo7Ft4UXDWeeNLoj0Ii0S3TR8vY4bb8CfTFyJmZxMBoPU1cEOUu48U2FhPH19MbEXAoSpYl1KKFyVDhOOdoac4gsENpPWjNIMK3Bg6hbym50XM

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F16F 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210624&jk=1029752631104924&bg=!Dg2lDUnNAAYo4NJEKOA7ACkAdvg8WiqH7-QJxrWorEHMUBJruUuJn0rF5KS-wqfYyvcuzPLh8dziJwIAAAEzUgAAABBoAQcKAHbh3GlrQxHVBhW7lxA-xlbDVEhWhsu8Bcc0TF-cuy3VSgKdnD5J0ER1a4dO_jg0XLY0eU-WOTp4idZezcRXDRGmd00jYraEWcEsM96NjNN6HsJfIg3iOoRcfjfAXdqYTf0uJLRKNgcvdTDc7g_h1y-SXcZt2VTEmQK5SUm2YRF-kWa3yDAB9yYSK14x56cEigmj0w0Hz6CkqScW_oEP1OdnYeYxUU8IkR50QWbWuIm3OZuZO-OugPXfNQVGmUpmq7UL_lCkqv8RA_d_0IgzvzOyPQPsSPBtWqnNztWtCu3b7j_58LTnsE9-lv0QTS5x4JToN2FYZ-Hwk5v8ufyv9UxzDCeD1yKdck2WEQuqFQ2sRAYiJR4EVxq3jJgyZzpWAKMpZ4QAooaw1wGBuhrXdvJneYEgd_gQPLpHjtDo-g8tX6g5A8NyxWRaXhaa3CdE3KJ4iM206Y2_DJPmS634nm2jilsbpsZVmJqwQhtZnLKO1Dn7aiToUv24SpnqP2c-Dy2PeRHgVbzMSaLX343r6DwI5_Rmr2tlO2gp2-ydZJZ3w1uYT74We08yk4DE-1XGika0fml1yWmeSGZVVsUr405qYXXtt_R4QzxRAG8b8DsOmYsXlNf25g8B9_8EC0aIo6rGR6c55fKTihF1iTMdmgHXD7obqRJ7W4USwLeGwS8eEEpuxZiV6H9TtaInfhTuTuH_NnKp9FRWE5otGMEc3MVP5WquQr4-NMiOdkradbzt9e7RVms86MoHggBHN4kjSZdiTrmkUsxmT5J6otHPD4cuFtvJ6KyQhHz2xFpm-mGQDy_jZ1XYUbPfn1RBwu05DQgL5FmHLeHNp8shYK0HJA0qUqx5qoxKF5dQ4BTTgSshF9oBvYHfF3xSfQm7vMVVDs6Yu5qf7-jxhFNVonNzDjX5uAdZCs-7tTUiaoWU4WvP8GB7n5Pffh5EazYxzlftCujyVdjsw9mRf1pTyECh5ax7b1w-5OrCCJF7qyLbtFyW3TsSnZ0-dROmhp7MVsfk5jZNDTUNTAFnXAaS-JIk7G2WkAcLiiizHDXgW_0bgdwgFxuQ7c9i-LNmp524VDCcdTs0zw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 @x31 Show response
frontalidsp.playoncenter.com/es/ Frame 02AC 18 KB
19 KB 714ms
577ms XHR
text/html 54.73.173.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontalidsp.playoncenter.com/es/@x31?AffiliateID=12557&source=ismarty&sycvid=3003359&kws=noticias&format_sc=html5&_RM_HTML_URLAFFID_=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&allTypes=1&videoType=4&gdpr=0&gdpr_consent=
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.173.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 / PHP/7.3.19
Resource Hash: 949c7136efa355fe670800c0bc96bd6e6506cf214995d1ed4d138211d0009d03

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:28 GMT
server: nginx/1.18.0
x-powered-by: PHP/7.3.19
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-cache,no-store,private
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 prebid4.42.1.js Show response
widget.playoncenter.com/newplayer/js/ Frame 02AC 230 KB
65 KB 22ms
22ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.playoncenter.com/newplayer/js/prebid4.42.1.js
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3c570a5b93d3441f3f8b0e89a8f83225465fa6050c206f78345f85f53f7561ff

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 14:09:28 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-77-nzt-ray: h8eNzoMDgQg=
age: 244
x-77-cache: HIT
x-cache: HIT
x-age: 190066
content-encoding: br
x-77-nzt: AcO1rzVPH4DvcuYCAA==
x-accel-expires: @1626600102
last-modified: Tue, 06 Jul 2021 09:16:48 GMT
server: CDN77-Turbo
etag: W/"062dfc1f46d3cf26c86d1efc39015804"
vary: Accept-Encoding
x-amz-version-id: Lp_cPDApP3IDKqjPn.khQr5mSnX5O1xE
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: RXuYYkiI8mef6RLekRv3XJA9w91jIggcv3IPS5MlF6hjEitzH0Qt0A==

GET
H/1.1 200
OK 9316961 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 02AC 1 KB
2 KB 184ms
79ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/9316961?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!playoncenter.com,38360,1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 082a5f1113b3a8cc6a85ed7fc570b60021f137c478e8c77dc612e31f5295e57f

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:28 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1150
x-sticky-vk: 1625753368801025-389
Expires: Thu, 08 Jul 2021 14:09:28 GMT

GET
H2 200 advast Show response
ad.360yield.com/ Frame 02AC 27 B
240 B 142ms
54ms XHR
application/xml 52.58.167.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22252018&w=16&h=9&gdpr=&minduration=1&maxduration=120&player_width=448&player_height=253&referrer=eldeber.com.bo&vast_version=2&vpaid_version=2&video_format_type=mp4&us_privacy={CCPA_Consent_String}&schain=1.0,1!playoncenter.com,38360,1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.167.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://eldeber.com.bo
date: Thu, 08 Jul 2021 14:09:28 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK vast.xml Show response
video-ads.rubiconproject.com/video/11924/325750/1692096/201/ Frame 02AC 2 KB
2 KB 157ms
51ms XHR
text/xml 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/11924/325750/1692096/201/vast.xml?tg_c.language=es&width=448&height=253&gdpr=0&gdpr_consent=&rp_schain=1.0,1!playoncenter.com,38360,1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: 07d2084d9a4b99405973776a8546ca6a8b7e176800edc2b272a0efdccbd962ac

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:28 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/xml
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 977
Expires: Thu, 08 Jul 2021 14:09:28 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ Frame 02AC 915 B
1 KB 33ms
14ms XHR
text/xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=88549977&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F43606300%2FPlayoncontent_Eldeber_Dir_Des_VidAdIn_Lis_MC_CTP%26description_url%3Deldeber.com.bo%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26nofb%3D1%26vad_type%3Dlinear%26gdpr=0%26gdpr_consent=

Requested by

Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ee56f42c32f2114ae6743f3dfea9b1dec1c844d7dd9177fff7bea9de841e24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://eldeber.com.bo
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 569
x-xss-protection: 0

GET
H2 200 / Show response
s.richaudience.com/vid/T9CKFSYu5o/88549977/ Frame 02AC 160 B
363 B 199ms
56ms XHR
text/xml 168.119.138.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/vid/T9CKFSYu5o/88549977/?hasConsent=0&consentString=&mref=https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.138.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:28 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding, Accept-Encoding
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://eldeber.com.bo
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 advast Show response
ad.360yield.com/ Frame 02AC 27 B
241 B 140ms
53ms XHR
application/xml 52.58.167.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22260509&w=16&h=9&gdpr=&minduration=1&maxduration=120&player_width=448&player_height=253&referrer=eldeber.com.bo&vast_version=2&vpaid_version=2&video_format_type=mp4&us_privacy={CCPA_Consent_String}&schain=1.0,1!playoncenter.com,38360,1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.167.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://eldeber.com.bo
date: Thu, 08 Jul 2021 14:09:28 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK 10398289 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 02AC 1 KB
2 KB 174ms
71ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/10398289?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!playoncenter.com,38360,1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dcb7f38e11a4d27d65879ee3be213baed3afaf7075d15e7c16098aea06fe3de2

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:28 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1152
x-sticky-vk: 1625753368808023-368
Expires: Thu, 08 Jul 2021 14:09:28 GMT

GET
H/1.1 200
OK 4270257 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 02AC 1 KB
2 KB 167ms
64ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/4270257?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!playoncenter.com,38360,1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 222403538658aa5d1ddee1fde826dadbe1aa7d5137d5b92300537781d9f501a8

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:28 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1150
x-sticky-vk: 1625753368809015-356
Expires: Thu, 08 Jul 2021 14:09:28 GMT

GET
H2 200 advast Show response
ad.360yield.com/ Frame 02AC 27 B
240 B 139ms
54ms XHR
application/xml 52.58.167.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22252301&w=16&h=9&gdpr=&minduration=1&maxduration=120&player_width=448&player_height=253&referrer=eldeber.com.bo&vast_version=2&vpaid_version=2&video_format_type=mp4&us_privacy={CCPA_Consent_String}&schain=1.0,1!playoncenter.com,38360,1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.167.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://eldeber.com.bo
date: Thu, 08 Jul 2021 14:09:28 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 204
No Content VZ34906PO Show response
ssp.api.tappx.com/rtb/v2/ Frame 02AC 0
394 B 486ms
254ms XHR
text/html 35.204.47.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.api.tappx.com/rtb/v2/VZ34906PO?type_cnn=prebidjs&v=0.1.10623&pbjsv=v5.3.0
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/prebid4.42.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.204.47.73 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 14:09:29 GMT
x-openrtb-version: 2.3.1
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://eldeber.com.bo
x-frontal: eu-gcp-ssp-0ffr
cache-control: no-cache
access-control-allow-credentials: true
x-time: 173
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 4A78 330 KB
112 KB 21ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 14:09:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1625753369.dop239.fr8.shc,1625753369.dop239.fr8.t,1625753369.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 4A78 25 KB
25 KB 54ms
8ms XHR
application/octet-stream 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1625753369385
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 14:09:29 GMT
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1625753369.dop159.fr8.t,1625753369.cds097.fr8.shn,1625753369.cds097.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
597 B 168ms
62ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:29 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1625753369372093-419
Expires: Thu, 08 Jul 2021 14:09:29 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 4A78 301 B
852 B 65ms
65ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=9316961&loc=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:30 GMT
Server: nginx
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1625753370501071-420
Expires: Thu, 08 Jul 2021 14:09:30 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 4A78 67 B
0 286ms
237ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=9316961&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1!playoncenter.com%2C38360%2C1&vav=55fa96bd29bc4a018b5fbf5f12091ec2&vaviv=175a1f77c0baedc39ec0a2fc329b395b&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&percentViewable=100&componentId=vpaid-adapter&loc=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&playerSize=448x253&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: application/xml, text/xml
Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:30 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1625753370688006-422
Expires: Thu, 08 Jul 2021 14:09:30 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=

170 B
523 B

144ms
51ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:30 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1625753370749010-425
Expires: Thu, 08 Jul 2021 14:09:30 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

676ms
141ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:31 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:30 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1625753370650067-378
Expires: Thu, 08 Jul 2021 14:09:30 GMT

GET
H2 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8B6C 576 KB
189 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 06 Jul 2021 02:41:58 GMT
expires: Wed, 06 Jul 2022 02:41:58 GMT
last-modified: Thu, 01 Jul 2021 21:15:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 214053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 02AC 44 KB
17 KB 462ms
13ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:31 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 02AC 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B410 36 KB
12 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 13:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 08 Jul 2021 14:53:03 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8B6C 0
591 B 176ms
60ms XHR
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21816936232%2Feldebercombo&description_url=https%3A%2F%2Feldeber.com.bo&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=120000000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2966079560346319&vpmute=0&vpa=click&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&vpos=preroll&videoad_start_delay=0&frm=0&osd=2&sdr=1&is_amp=0&hl=en&u_so=l&sdkv=h.3.470.1&vis=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=3596107188&sdk_apis=2%2C8&media_url=https%3A%2F%2Fcdn.vidcrunch.com%2F5ecb7ecea7111f6ceb6363b1.mp4%3Fcache%3D862021&sid=0D1E888B-030D-4C0D-A770-8513A166ED39&dt=1625753371540&cookie_enabled=1&scor=4187172625237955&ged=ve4_td10_tt1_pd10_la10000_er886.11.1139.459_vi0.0.1200.1600_vp100_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:31 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bridge-31032.js Show response
video-ads.rubiconproject.com/video/ Frame 1717 64 KB
20 KB 194ms
80ms Script
application/javascript 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/bridge-31032.js
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 36a9e03d1116cc94b5ec602a5737992734dd845d831a91349e975c610f132307

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 14:09:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 09:40:09 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "100d7-5bfd76a7cf040-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 19979

GET
H2 200 advast Show response
ad.360yield.com/ Frame 02AC 27 B
240 B 47ms
46ms XHR
application/xml 52.58.167.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22252018&w=16&h=9&gdpr=&minduration=1&maxduration=120&player_width=448&player_height=253&referrer=eldeber.com.bo&vast_version=2&vpaid_version=2&video_format_type=mp4&us_privacy={CCPA_Consent_String}&schain=1.0,1!playoncenter.com,38360,1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.167.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://eldeber.com.bo
date: Thu, 08 Jul 2021 14:09:31 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK vast.xml Show response
video-ads.rubiconproject.com/video/11924/325750/1692096/201/ Frame 02AC 2 KB
2 KB 53ms
52ms XHR
text/xml 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/11924/325750/1692096/201/vast.xml?tg_c.language=es&width=448&height=253&gdpr=0&gdpr_consent=&rp_schain=1.0,1!playoncenter.com,38360,1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: 07d2084d9a4b99405973776a8546ca6a8b7e176800edc2b272a0efdccbd962ac

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:31 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/xml
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 977
Expires: Thu, 08 Jul 2021 14:09:31 GMT

GET
H3-29 200 ima3vpaid Show response
tpc.googlesyndication.com/ Frame 02AC 915 B
592 B 30ms
15ms XHR
text/xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ee56f42c32f2114ae6743f3dfea9b1dec1c844d7dd9177fff7bea9de841e24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://eldeber.com.bo
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 569
x-xss-protection: 0

GET
H2 200 / Show response
s.richaudience.com/vid/T9CKFSYu5o/88549977/ Frame 02AC 160 B
363 B 60ms
59ms XHR
text/xml 168.119.138.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/vid/T9CKFSYu5o/88549977/?hasConsent=0&consentString=&mref=https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.138.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:31 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding, Accept-Encoding
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://eldeber.com.bo
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 advast Show response
ad.360yield.com/ Frame 02AC 27 B
240 B 46ms
45ms XHR
application/xml 52.58.167.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22260509&w=16&h=9&gdpr=&minduration=1&maxduration=120&player_width=448&player_height=253&referrer=eldeber.com.bo&vast_version=2&vpaid_version=2&video_format_type=mp4&us_privacy={CCPA_Consent_String}&schain=1.0,1!playoncenter.com,38360,1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.167.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://eldeber.com.bo
date: Thu, 08 Jul 2021 14:09:31 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 advast Show response
ad.360yield.com/ Frame 02AC 27 B
240 B 46ms
45ms XHR
application/xml 52.58.167.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22252301&w=16&h=9&gdpr=&minduration=1&maxduration=120&player_width=448&player_height=253&referrer=eldeber.com.bo&vast_version=2&vpaid_version=2&video_format_type=mp4&us_privacy={CCPA_Consent_String}&schain=1.0,1!playoncenter.com,38360,1
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.167.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://eldeber.com.bo
date: Thu, 08 Jul 2021 14:09:31 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1933 576 KB
189 KB 24ms
8ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 06 Jul 2021 02:41:58 GMT
expires: Wed, 06 Jul 2022 02:41:58 GMT
last-modified: Thu, 01 Jul 2021 21:15:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 214053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 02AC 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0628 36 KB
12 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 13:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 08 Jul 2021 14:53:03 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1933 0
23 B 110ms
57ms XHR
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21816936232%2Feldebercombo&description_url=https%3A%2F%2Feldeber.com.bo&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=120000000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2706911700337042&vpmute=0&vpa=click&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&vpos=preroll&videoad_start_delay=0&frm=0&osd=2&sdr=1&is_amp=0&hl=en&u_so=l&sdkv=h.3.470.1&vis=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=147553507&sdk_apis=2%2C8&media_url=https%3A%2F%2Fcdn.vidcrunch.com%2F5ecb7ecea7111f6ceb6363b1.mp4%3Fcache%3D862021&sid=0D1E888B-030D-4C0D-A770-8513A166ED39&dt=1625753372081&cookie_enabled=1&scor=1427004531029815&ged=ve4_td10_tt1_pd10_la10000_er885.10.1035.310_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:32 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bridge-31032.js Show response
video-ads.rubiconproject.com/video/ Frame 6B0A 64 KB
20 KB 62ms
61ms Script
application/javascript 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/bridge-31032.js
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 36a9e03d1116cc94b5ec602a5737992734dd845d831a91349e975c610f132307

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 14:09:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 09:40:09 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "100d7-5bfd76a7cf040-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 19979

GET
H/1.1 200
OK usersync.php
ssp.api.tappx.com/cs/ Frame 02AC 0
194 B 57ms
57ms Image
text/html 35.204.47.73
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.api.tappx.com/cs/usersync.php?&type=img
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.204.47.73 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:32 GMT
content-encoding: gzip
server: nginx
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ Frame 1717 28 B
1 KB 234ms
144ms XHR
application/xml 18.156.190.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=0&gdpr_consent=&account_id=11924&site_id=325750&zone_id=1692096&size_id=201&tg_c.language=es&width=351&height=199&rp_schain=1.0,1!playoncenter.com,38487,1&p_window.depth=0&rf=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&p_window.url=&p_window.w=450&p_window.h=255&p_aso.video.ext.ad.w=640&p_aso.video.ext.ad.h=360&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=2785585697499637.5&rp_secure=1
Requested by: Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31032.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.190.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:33 GMT
server: nginx/1.16.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/xml
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ Frame 6B0A 28 B
889 B 155ms
155ms XHR
application/xml 18.156.190.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=0&gdpr_consent=&account_id=11924&site_id=325750&zone_id=1692096&size_id=201&tg_c.language=es&width=351&height=199&rp_schain=1.0,1!playoncenter.com,38487,1&p_window.depth=0&rf=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&p_window.url=&p_window.w=450&p_window.h=255&p_aso.video.ext.ad.w=640&p_aso.video.ext.ad.h=360&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7269483098780627&rp_secure=1
Requested by: Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31032.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.190.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:33 GMT
server: nginx/1.16.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/xml
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame DEA9 576 KB
189 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 06 Jul 2021 02:41:58 GMT
expires: Wed, 06 Jul 2022 02:41:58 GMT
last-modified: Thu, 01 Jul 2021 21:15:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 214055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 02AC 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9B7F 36 KB
12 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 13:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 08 Jul 2021 14:53:03 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DEA9 0
23 B 60ms
59ms XHR
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21631112852%2Fplayoncontent%2Feldeber&description_url=eldeber.com.bo&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&env=vp&correlator=1466516749103752&vpmute=0&vpa=click&vad_type=linear&vpos=preroll&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=1172142147&sdk_apis=2%2C8&media_url=https%3A%2F%2Fcdn.vidcrunch.com%2F5ecb7ecea7111f6ceb6363b1.mp4%3Fcache%3D862021&sid=0D1E888B-030D-4C0D-A770-8513A166ED39&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&dt=1625753373865&cookie_enabled=1&scor=803659961433466&ged=ve4_td12_tt3_pd12_la12000_er886.11.1139.459_vi0.0.1200.1600_vp100_ts2_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:33 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6F08 44 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/43606300/Playoncontent_Eldeber_Dir_Des_VidAdIn_Lis_MC_CTP%26description_url%3Deldeber.com.bo%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26nofb%3D1%26vad_type%3Dlinear%26gdpr%3D0%26gdpr_consent%3D%26channel%3Dvastadp&correlator=88549977

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95a6503f27fa906e10efef5eb55297a9a4736074be4fee64df869cb8d5f2246a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jul 2021 21:18:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16110
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:24:33 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6F08 339 KB
116 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/43606300/Playoncontent_Eldeber_Dir_Des_VidAdIn_Lis_MC_CTP%26description_url%3Deldeber.com.bo%26tfcd%3D0%26npa%3D0%26sz%3D640x360%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26nofb%3D1%26vad_type%3Dlinear%26gdpr%3D0%26gdpr_consent%3D%26channel%3Dvastadp&correlator=88549977

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:33 GMT

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 34D0 576 KB
189 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 06 Jul 2021 02:41:58 GMT
expires: Wed, 06 Jul 2022 02:41:58 GMT
last-modified: Thu, 01 Jul 2021 21:15:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 214056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 02AC 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8D50 36 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 13:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 08 Jul 2021 14:53:03 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 34D0 0
23 B 58ms
58ms XHR
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21631112852%2Fplayoncontent%2Feldeber&description_url=eldeber.com.bo&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&env=vp&correlator=1475405293977333&vpmute=0&vpa=click&vad_type=linear&vpos=preroll&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=417114717&sdk_apis=2%2C8&media_url=https%3A%2F%2Fcdn.vidcrunch.com%2F5ecb7ecea7111f6ceb6363b1.mp4%3Fcache%3D862021&sid=0D1E888B-030D-4C0D-A770-8513A166ED39&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&dt=1625753374239&cookie_enabled=1&scor=3669772128375708&ged=ve4_td12_tt3_pd12_la12000_er885.10.1035.310_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:34 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C272 44 KB
16 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95a6503f27fa906e10efef5eb55297a9a4736074be4fee64df869cb8d5f2246a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jul 2021 21:18:22 GMT
server: sffe
age: 1
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16110
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:24:33 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C272 339 KB
116 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:34 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F08 0
20 B 39ms
39ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.4019005297619098&wt=1625753375238&sdkv=h.3.470.1&xai=undefined&url=2,https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032$0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 98A7 576 KB
189 KB 8ms
8ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 06 Jul 2021 02:41:58 GMT
expires: Wed, 06 Jul 2022 02:41:58 GMT
last-modified: Thu, 01 Jul 2021 21:15:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 214057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6F08 44 KB
16 KB 31ms
13ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:35 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6F08 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6DBB 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 13:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 08 Jul 2021 14:53:03 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 98A7 156 B
142 B 264ms
263ms XHR
text/xml 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43606300%2FPlayoncontent_Eldeber_Dir_Des_VidAdIn_Lis_MC_CTP&description_url=eldeber.com.bo&tfcd=0&npa=0&sz=640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpos=preroll&vpmute=0&vpa=0&type=js&nofb=1&vad_type=linear&gdpr=0&gdpr_consent&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.470.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3749972051&sdk_apis=2%2C8&media_url=https%3A%2F%2Fcdn.vidcrunch.com%2F5ecb7ecea7111f6ceb6363b1.mp4%3Fcache%3D862021&sid=2F0906B9-1D43-481A-AE08-39994FA529DC&eid=40819805&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&dt=1625753375327&cookie_enabled=1&correlator=88549977&scor=3964984102580901&ged=ve4_td1_tt0_pd1_la1000_er885.10.885.10_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame B6B8 330 KB
112 KB 7ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 14:09:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1625753369.dop239.fr8.shc,1625753369.dop239.fr8.t,1625753375.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C272 0
20 B 39ms
39ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.9982680671951343&wt=1625753375612&sdkv=h.3.470.1&xai=undefined&url=2,https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032$0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame FABD 576 KB
189 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eldeber.com.bo/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eldeber.com.bo/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 06 Jul 2021 02:41:58 GMT
expires: Wed, 06 Jul 2022 02:41:58 GMT
last-modified: Thu, 01 Jul 2021 21:15:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 214057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C272 44 KB
16 KB 23ms
16ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 08 Jul 2021 14:09:35 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C272 107 B
122 B 21ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eldeber.com.bo

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Jul 2021 14:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET auto-user-sync
ads.stickyadstv.com/ Frame B6B8 0
0

GET

stv
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=73d5de5e4bb521d941960c8dc3a417&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l091e_6982557576987567008
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=54ba8e7d-facd-40cf-87ca-2f406cc3dd98
https://pr-bh.ybp.yahoo.com/sync/stickyads/73d5de5e4bb521d941960c8dc3a417&gdpr=0&gdpr_consent=?
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-ao7pOlxE2oPbqrU7DRFBkLk6S_DkUJda4d_.NbVA~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3766487119844245642
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d33160e7-0720-4200-b7fe-60811f1241d3&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=9219803497899948812
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=zVHHqcin1M1uIF5
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1

0
0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 26BD 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 13:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 08 Jul 2021 14:53:03 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame FABD 156 B
142 B 224ms
224ms XHR
text/xml 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43606300%2FPlayoncontent_Eldeber_Dir_Des_VidAdIn_Lis_MC_CTP&description_url=eldeber.com.bo&tfcd=0&npa=0&sz=640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpos=preroll&vpmute=0&vpa=0&type=js&nofb=1&vad_type=linear&gdpr=0&gdpr_consent&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.470.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3749972051&sdk_apis=2%2C8&sid=BD10AAB4-8B05-4105-BF34-CBC7362DAE16&eid=44736293&url=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&dt=1625753375761&cookie_enabled=1&correlator=88549977&scor=3163629998916296&ged=ve4_td2_tt0_pd2_la2000_er885.10.1140.460_vi0.0.1200.1600_vp100_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 processPlayerData Show response
frontalidsp.playoncenter.com/ Frame 02AC 480 B
793 B 136ms
136ms XHR
text/html 54.73.173.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontalidsp.playoncenter.com/processPlayerData
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.173.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 / PHP/7.3.19
Resource Hash: 5bdbc168879aff04174096e814f24ab52584106593bdea1c74f62008f902cc5b

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:36 GMT
server: nginx/1.18.0
x-powered-by: PHP/7.3.19
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-cache,no-store,private
access-control-allow-credentials: true
content-type: text/html;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 site.min.js Show response
scrapping.theadwatch.com/ Frame 02AC 1 KB
1 KB 155ms
42ms Script
application/javascript 65.9.66.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scrapping.theadwatch.com/site.min.js?idSection=2402211908
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3995fe5329a05c2f6a8e293e1465212e648831dfd194e1b263015bad6cf396a0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 10:59:05 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 12:14:06 GMT
server: AmazonS3
age: 11432
etag: W/"6e5cfe5c796f8a072c31c03938c87f56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: MvNJ0F77ydYQjbruRPm_q0Zmtam1vfVV
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: HLqsHqCnmQxP9SyLapTpLYth4Kbk23T7TWNuKmxeDJwtB9xCpM8lMg==

GET
H2 200 display.adw.min.js Show response
scrapping.theadwatch.com/ Frame 02AC 82 KB
27 KB 51ms
51ms Script
application/javascript 65.9.66.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scrapping.theadwatch.com/display.adw.min.js
Requested by: Host: scrapping.theadwatch.com
URL: https://scrapping.theadwatch.com/site.min.js?idSection=2402211908
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8be6abc4d57f07fd6283c28109a08d70216537088f8f3269590e1f94be4d499

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 10:59:05 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 10:54:43 GMT
server: AmazonS3
age: 11432
etag: W/"6786a16762375af343d0fbb992267d8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: kBTUqC5.sBGw2WleYQihEAeglGyHiB2B
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: cteXgX9MP4xFXq2Cd2pv9ToG_MsBgPhmZo_PmOZjLnyYSsE4XXHnbw==

POST
H2 200 ads Show response
f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ Frame 02AC 2 B
385 B 108ms
107ms Fetch
application/json 13.225.87.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ads
Requested by: Host: scrapping.theadwatch.com
URL: https://scrapping.theadwatch.com/display.adw.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-113.fra2.r.cloudfront.net
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Jul 2021 14:09:36 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: 42aec840-37a0-4fa1-9a19-78f8c5f8cf7e
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
accept: application/json
x-amzn-trace-id: Root=1-60e70720-07901fd402a5f87d2e4724b6;Sampled=0
x-amz-apigw-id: CJ4NJEyDjoEFSkA=
content-length: 2
x-amz-cf-id: tpFmGzLDWVuGay1Ce5KI_rCh3GvYgFM0FG3ixQBwW6YVsEpeqEjAqA==

OPTIONS
H2 200 ads
f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ Frame 0
0 193ms
81ms Preflight
application/json 13.225.87.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ads
Protocol: H2
Server: 13.225.87.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-113.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://eldeber.com.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Thu, 08 Jul 2021 14:09:36 GMT
x-amzn-requestid: 97dd57b1-86ac-4b5a-b1e1-2874d7cc35c9
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: CJ4NJEO6DoEF4JQ=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: QY1M6QpN5UjdxtIhE43mRnbZk4E8_5vRhBXwfalbMa7xC0oZCJAANA==

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame B6B8 301 B
806 B 62ms
61ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=10398289&loc=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:36 GMT
Server: nginx
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1625753376896026-400
Expires: Thu, 08 Jul 2021 14:09:36 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame B6B8 67 B
0 162ms
161ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=10398289&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1!playoncenter.com%2C38360%2C1&vav=c8d61872636fc5fb04aeb5f4fa7d4e3c&vaviv=606f8d99bc43de890fe58613503f29a1&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&percentViewable=100&componentId=vpaid-adapter&loc=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&playerSize=448x253&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: application/xml, text/xml
Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:37 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1625753376713063-598
Expires: Thu, 08 Jul 2021 14:09:37 GMT

GET user-matching
ads.stickyadstv.com/ Frame B6B8 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=

170 B
188 B

63ms
61ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:37 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1625753377030016-394
Expires: Thu, 08 Jul 2021 14:09:37 GMT

GET user-matching
ads.stickyadstv.com/ Frame B6B8 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

138ms
137ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:37 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:37 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1625753376982065-376
Expires: Thu, 08 Jul 2021 14:09:37 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame B77B 330 KB
112 KB 7ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: eldeber.com.bo
URL: https://eldeber.com.bo/mundo/actriz-porno-cobro-por-callar-relacion-con-trump_59032
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 14:09:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1625753369.dop239.fr8.shc,1625753369.dop239.fr8.t,1625753377.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET auto-user-sync
ads.stickyadstv.com/ Frame B77B 0
0

GET

stickyads
sync.adotmob.com/cookie/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=...
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=088e60e7-0720-4b00-906c-5260eb660ec3&gdpr=0&gdpr_consent=null
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdp...
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YOcHIQACimb9PgAC&gdpr=0&gdpr_consent=null&_test=YOcHIQACimb9PgAC
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAAKtk7Bzg4AADbPPiM0gA&gdpr=0&gdpr_consent=null
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3010157204683759290
https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent=

0
0

POST
H2 200 ads Show response
f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ Frame 02AC 2 B
384 B 106ms
105ms Fetch
application/json 13.225.87.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ads
Requested by: Host: scrapping.theadwatch.com
URL: https://scrapping.theadwatch.com/display.adw.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-113.fra2.r.cloudfront.net
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Jul 2021 14:09:37 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: b00ef0ed-56b1-428d-b319-f3f8c32c4c2c
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
accept: application/json
x-amzn-trace-id: Root=1-60e70721-62b8d6bd1213b60d6580b637;Sampled=0
x-amz-apigw-id: CJ4NPH1IjoEF0Tg=
content-length: 2
x-amz-cf-id: kE-S-X3yW-cR18AG1Y_-L9_DXhGqwdKBKsBca4AxErOxtqh1eWzKiQ==

OPTIONS
H2 200 ads
f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ Frame 0
0 77ms
77ms Preflight
application/json 13.225.87.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ads
Protocol: H2
Server: 13.225.87.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-113.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://eldeber.com.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Thu, 08 Jul 2021 14:09:37 GMT
x-amzn-requestid: c6b18f14-b197-4c2a-aa55-10c44a7a60cc
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: CJ4NOHTRjoEFzhw=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: kjicyZvMWEjry_-OUpVjcRp3t3y2uw_D_w3m9OrSmCjJxsJpOBtAPQ==

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame B77B 301 B
852 B 63ms
62ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=4270257&loc=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:38 GMT
Server: nginx
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1625753378309064-408
Expires: Thu, 08 Jul 2021 14:09:38 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame B77B 67 B
0 151ms
150ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=4270257&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1!playoncenter.com%2C38360%2C1&vav=8f5a57b42a6a60d777e3a8b497839d54&vaviv=73d3b5097762f063be0992824500598c&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&percentViewable=100&componentId=vpaid-adapter&loc=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&playerSize=448x253&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: application/xml, text/xml
Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:38 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://eldeber.com.bo
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1625753378234099-341
Expires: Thu, 08 Jul 2021 14:09:38 GMT

GET user-matching
ads.stickyadstv.com/ Frame B77B 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:38 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzNkNWRlNWU0YmI1MjFkOTQxOTYwYzhkYzNhNDE3&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1625753378347083-391
Expires: Thu, 08 Jul 2021 14:09:38 GMT

GET user-matching
ads.stickyadstv.com/ Frame B77B 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

138ms
137ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:38 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 14:09:38 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=73d5de5e4bb521d941960c8dc3a417&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1625753378448053-356
Expires: Thu, 08 Jul 2021 14:09:38 GMT

POST
H2 200 processPlayerData Show response
frontalidsp.playoncenter.com/ Frame 02AC 640 B
953 B 176ms
175ms XHR
text/html 54.73.173.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontalidsp.playoncenter.com/processPlayerData
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.173.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 / PHP/7.3.19
Resource Hash: c396e77bb7fe4c88471b731c3b0a2e50e074f6f21f3f806c4fc6c457f435bb74

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 14:09:38 GMT
server: nginx/1.18.0
x-powered-by: PHP/7.3.19
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://eldeber.com.bo
cache-control: no-cache,no-store,private
access-control-allow-credentials: true
content-type: text/html;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 site.min.js Show response
scrapping.theadwatch.com/ Frame 02AC 1 KB
1 KB 42ms
42ms Script
application/javascript 65.9.66.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scrapping.theadwatch.com/site.min.js?idSection=2402211908
Requested by: Host: widget.playoncenter.com
URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3995fe5329a05c2f6a8e293e1465212e648831dfd194e1b263015bad6cf396a0

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 10:59:05 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 12:14:06 GMT
server: AmazonS3
age: 11434
etag: W/"6e5cfe5c796f8a072c31c03938c87f56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: MvNJ0F77ydYQjbruRPm_q0Zmtam1vfVV
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: O2_CWwa5mC85zYzM7Y81O3wTJModGK0Y4m8xweipFmVYKwlaVKTZkg==

GET
H2 200 display.adw.min.js Show response
scrapping.theadwatch.com/ Frame 02AC 82 KB
27 KB 48ms
47ms Script
application/javascript 65.9.66.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scrapping.theadwatch.com/display.adw.min.js
Requested by: Host: scrapping.theadwatch.com
URL: https://scrapping.theadwatch.com/site.min.js?idSection=2402211908
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8be6abc4d57f07fd6283c28109a08d70216537088f8f3269590e1f94be4d499

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 10:59:05 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 10:54:43 GMT
server: AmazonS3
age: 11434
etag: W/"6786a16762375af343d0fbb992267d8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: kBTUqC5.sBGw2WleYQihEAeglGyHiB2B
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: f6dQQEauHdJGMffMLj2BMXp3JyUPjDz8Nz8unXlEySQTkvXQzekAgQ==

POST
H2 200 ads Show response
f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ Frame 02AC 2 B
384 B 107ms
106ms Fetch
application/json 13.225.87.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ads
Requested by: Host: scrapping.theadwatch.com
URL: https://scrapping.theadwatch.com/display.adw.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-113.fra2.r.cloudfront.net
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://eldeber.com.bo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Jul 2021 14:09:38 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: d2bef68d-9975-4e62-a74a-f9ccea8226cf
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
accept: application/json
x-amzn-trace-id: Root=1-60e70722-549705ba236b23ca5dd11d07;Sampled=0
x-amz-apigw-id: CJ4NfH9pjoEF71g=
content-length: 2
x-amz-cf-id: 4fh3Vv3rcdPCMFHdTi-GOl89x70P7MXcrCCd-tRnH0Lu13Su3HVC-A==

OPTIONS
H2 200 ads
f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ Frame 0
0 129ms
128ms Preflight
application/json 13.225.87.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ads
Protocol: H2
Server: 13.225.87.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-113.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://eldeber.com.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Thu, 08 Jul 2021 14:09:38 GMT
x-amzn-requestid: 20503fcd-ee3a-450b-a53e-a949a73b8d77
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: CJ4NeEKGDoEFUNQ=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: d3WAsGln_xGd95gLwKqrjyiL2X0pXJ5wprERoWGTglsxcMUq-PAhwA==

POST ads
f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ Frame 02AC 0
0

OPTIONS
H2 200 ads
f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ Frame 0
0 79ms
79ms Preflight
application/json 13.225.87.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ads
Protocol: H2
Server: 13.225.87.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-113.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://eldeber.com.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Thu, 08 Jul 2021 14:09:39 GMT
x-amzn-requestid: af68d017-109b-4686-b0ba-65d79f294c7a
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: CJ4NmHDRDoEFRxA=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: mKLFvfOfpL89nlsiRgD_uaOfwFNbDw2-_EvtCe7dMDi8nRdsyuzY0w==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: sync.adotmob.com
URL: https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: f09qq4p7aj.execute-api.eu-west-1.amazonaws.com
URL: https://f09qq4p7aj.execute-api.eu-west-1.amazonaws.com/dev/ads

Verdicts & Comments Add Verdict or Comment

378 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

38 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://static.eldeber.com.bo//assets/ElDeber/build/js/_libs.min.js?v=262(Line 1) Message: [InfiniteScroll] initialized. on scroller-holder
console-api	log	URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js(Line 728) Message: prebid result->
console-api	log	URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js(Line 728) Message: [object Object]
console-api	log	(Line 1) Message: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 16:09:29,380 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	log	(Line 1) Message: null
console-api	log	(Line 1) Message: null
console-api	log	URL: https://video-ads.rubiconproject.com/video/bridge-31032.js(Line 1) Message: com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=0&gdpr_consent=&account_id=11924&site_id=325750&zone_id=1692096&size_id=201&tg_c.language=es&width=351&height=199&rp_schain=1.0,1!playoncenter.com,38487,1&p_window.depth=0&rf=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&p_window.url=&p_window.w=450&p_window.h=255&p_aso.video.ext.ad.w=640&p_aso.video.ext.ad.h=360&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=2785585697499637.5&rp_secure=1
console-api	log	URL: https://video-ads.rubiconproject.com/video/bridge-31032.js(Line 1) Message: com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=0&gdpr_consent=&account_id=11924&site_id=325750&zone_id=1692096&size_id=201&tg_c.language=es&width=351&height=199&rp_schain=1.0,1!playoncenter.com,38487,1&p_window.depth=0&rf=https%3A%2F%2Feldeber.com.bo%2Fmundo%2Factriz-porno-cobro-por-callar-relacion-con-trump_59032&p_window.url=&p_window.w=450&p_window.h=255&p_aso.video.ext.ad.w=640&p_aso.video.ext.ad.h=360&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7269483098780627&rp_secure=1
console-api	log	(Line 1) Message: null
console-api	log	(Line 1) Message: null
console-api	log	(Line 1) Message: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 16:09:35,648 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	log	URL: https://scrapping.theadwatch.com/site.min.js?idSection=2402211908(Line 1) Message: [object Object]
console-api	log	URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js(Line 465) Message: scrapping cargado
console-api	debug	URL: https://scrapping.theadwatch.com/site.min.js?idSection=2402211908(Line 1) Message: initScrappingLoad: 73.4111328125 ms
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: [object Module]
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: get_static_fields
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: 2402211908 null [object HTMLBodyElement]
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: Id ad: 2402211908
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: Id ad2: 2402211908
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: state: 0
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: Success:Adwatch
console-api	log	(Line 1) Message: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 16:09:37,110 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: state: 2
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: Success:Adwatch
console-api	log	URL: https://scrapping.theadwatch.com/site.min.js?idSection=2402211908(Line 1) Message: [object Object]
console-api	log	URL: https://widget.playoncenter.com/newplayer/js/player.compress.po.js(Line 465) Message: scrapping cargado
console-api	debug	URL: https://scrapping.theadwatch.com/site.min.js?idSection=2402211908(Line 1) Message: initScrappingLoad: 55.31396484375 ms
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: [object Module]
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: get_static_fields
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: 2402211908 null [object HTMLBodyElement]
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: Id ad: 2402211908
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: Id ad2: 2402211908
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: state: 0
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: Success:Adwatch
console-api	log	URL: https://scrapping.theadwatch.com/display.adw.min.js(Line 2) Message: state: 2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	*

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.stickyadstv.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
adservice.google.pl
ajax.googleapis.com
analytics.google.com
api-public.addthis.com
apis.google.com
cdn.gravitec.net
cdn.lavoz.com.ar
cdn.stickyadstv.com
cdn.vidcrunch.com
cheqzone.b-cdn.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
dc27effc5d83d29795a5e4e66f23e774.safeframe.googlesyndication.com
eldeber.com.bo
f09qq4p7aj.execute-api.eu-west-1.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
frontalidsp.playoncenter.com
googleads.g.doubleclick.net
images.outbrainimg.com
imasdk.googleapis.com
log.outbrainimg.com
match.prod.bidr.io
mcdp-nydc1.outbrain.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
pubads.g.doubleclick.net
s.amazon-adsystem.com
s.richaudience.com
s0.2mdn.net
s7.addthis.com
sakimg.e-planning.net
sb.scorecardresearch.com
scrapping.theadwatch.com
securepubads.g.doubleclick.net
ssp.api.tappx.com
static.eldeber.com.bo
stats.g.doubleclick.net
sync.adotmob.com
syndication.twitter.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
unpkg.com
v1.addthisedge.com
video-ads.rubiconproject.com
widget-pixels.outbrain.com
widget.playoncenter.com
widgets.outbrain.com
www.eldeber.com.bo
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
z.moatads.com
ads.stickyadstv.com
f09qq4p7aj.execute-api.eu-west-1.amazonaws.com
match.prod.bidr.io
sync.adotmob.com
104.111.230.142
104.244.42.200
104.84.56.126
13.224.193.54
13.225.87.113
13.225.87.8
142.250.181.226
142.250.185.98
151.101.14.132
152.199.23.105
168.119.138.45
172.217.23.98
18.156.190.73
185.59.220.194
2.18.232.28
2.18.234.190
2.18.234.233
2.18.235.40
2001:4de0:ac18::1:a:1a
2001:4de0:ac19::1:b:1a
205.234.175.175
213.174.135.1
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:3285
2606:4700:10::6816:3385
2606:4700::6810:7aaf
2a00:1450:4001:802::200a
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c04::9b
2a00:1450:400c:c08::9c
2a02:6ea0:c700::4
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81e5:face:b00c:0:4420
35.204.47.73
38.131.2.17
46.249.52.248
52.46.130.13
52.58.167.129
54.73.173.213
64.202.112.159
65.9.66.30
69.16.175.10
004b9089238529155eca3dbfabeccec457d2228a4027e0aa4daca7252fcdd585
007276382e4e3f77c660fb7488fec524a21f7893a736db96dca415012a25075e
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
024aafd9298eeb71097cfaf26ab9613f4a7c79c025e08e1c8089e6be4b49c692
03756393a5bd0a892eca673f2c8bd7d6e8f72b3d667e8dfe912d13bf4c1e0edf
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05478dab63553bb1bee0f6fb049c2190b82afa967fc1ffe88ef34cf12f511379
0559099b0d5dc93dbacf2a4f4647475cae0c74fda32d1067db29943f2c902361
0595c528398a21b5b0b9cd47c7a627f3ca5be5d07a05257d51e32e0ec9bfb8fb
0633b50dc57e539989500c43f57f172da6836ab328ee3c0f6a912289c380f42d
07d2084d9a4b99405973776a8546ca6a8b7e176800edc2b272a0efdccbd962ac
082a5f1113b3a8cc6a85ed7fc570b60021f137c478e8c77dc612e31f5295e57f
09084a784878c6c9394f8cfd7b7d33937f0ce89a2589b2d386e4c94a74f91627
0ae0271348480e1d72977b02b723d53bb25c74f624e3bb17b8dfb13652870db4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d08aa06092acdb50cda8da7631e949c734ff672040b2b5d5232979ac89596fe
0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2
0fb2aa957d26b4f8aeed3219ca75fb78ea3fedfdd8d6ccf36e42b0d5d8421829
12b88a7c26990a50a713ec9a6f31fa8128b05c805e1933709b34dcb3cfd8bcb1
149990eda174d0d9164c610131d1c1421667f9d932f8c73584d083f3c8a11157
14c08afc15e276b96c48de6598e86fcc933f3b105a2a18667d395d82c1ea97d5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1711c534228fdd8f0d0a0a50b83b115c264b30340007236be0148fde08227c6c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186b2a17199bc4ad58e6fde533780e39a9ca239e366c2b4b7a7d2e524559455f
19c1822027241c8f247eee695f48a8fedd846eb5d2ee85bde8a16e30e468ec55
1b0dcbdf1aed1622cea1642d7f0aa83a1efccf14932dc53d2a23910f9d1cb86c
1bbb0320e0ae771b52075c1abea12433af4feadb34b56ba0fa3f7f510658a469
1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca
1e9f44da67c624fd1331f6dbee8ae19ebf7d85889fbe480b5f8fb016825711e7
1e9f9a999e7bf5aa4f08f52b941986ab0ec3285ecd1c7c3cc8afdda598226456
1ee56f42c32f2114ae6743f3dfea9b1dec1c844d7dd9177fff7bea9de841e24a
1f4623db072ce1ab396e285ee6885ac3be5525853e0b795831201de566f7d384
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
20e7394a0162007fd5685b98714d4e12cce8ada366a648cb142d75689dc534cd
2130554153fa8c200d17c28a5c70c3b0cf4bd9b4796d6e431c89c7f99417a1a9
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2
21accf9b1f5dc5a260e9b3aef86a24f975f28e3a22c7122cf008a2d9e04fda76
222403538658aa5d1ddee1fde826dadbe1aa7d5137d5b92300537781d9f501a8
2354b7e6ff4b5a17fc52381e3f42e767aa56eff7005d65f229993978a1f2ac5c
23939dd61d5e19424d8199ebb1899ac8d7787e1b98d25de8184faab521a2baaa
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28a030a77bcecc0621b938dc08610e4c1fa0e131507a2dbd0c8007960d269253
299a8167f5539ff84acf7b6f76851bb06f509ef244321afacc6214cf7a70ab31
2c29d590abec85311d435906f84505963c1655b5182046253272f133b1ced16f
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dd24e0a366225f76f8cd4f950660310e3ae8e022e7dbe56a8208ac9790e836d
3127260f7a114d5b99000373002a2eecd53e34e19c0e9f9109fe96bf0000f583
36397903584ea8b3f102fca9758ff05f5a180a13a6f819f11f8f4966a048ca4f
36a9e03d1116cc94b5ec602a5737992734dd845d831a91349e975c610f132307
38ecbd3fd10b28b6cd618e85a6e8732fc7cc63f6ca46b4ba2a6dff689378c7f3
3995fe5329a05c2f6a8e293e1465212e648831dfd194e1b263015bad6cf396a0
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda
3b759dcc210d8b466a8c3074a0d0c6245f5343fbab3677a36737045160a1dee0
3bf0776889efe6a632ebcbc7df5c2ebae1b11c580064076f1edae41e6acbace1
3c570a5b93d3441f3f8b0e89a8f83225465fa6050c206f78345f85f53f7561ff
3d53207b63b3b5f70b655ab0853a47a045adf91144ffc034f5027f84924410f2
40feb90d1f0fa4c33293a104a227993febf11c3870dae021f90c4f06d5f19d42
41b210fad6e9eaa120e032bb945a2e4cf30dece4de3657ec0dc42732ba472740
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44dcb98425fb701f908dd73dbac6f977f2f4581563b51ff962d2dc58d4764305
45c9753af41c4373747b5114628575e721f78dd296dcbb79ce319325628960dc
473a846f81f40f69461b9d84ee754f7f0fae8cb6bffa947ae97482d8567b03cf
48f5c57abee285db9b9943ed505270d506449ae57651ea6305d3f8f3eb075b5a
4a11b3e3bb590f42d500c01bcc5a269be3c1e9ce8f1ce8438d76d67615da172f
4a2da5732ef704a64778ea7b0474b368b9265d4cf523d0fdf4a3192e3d6be4a6
4c20a3c5173487377d03f18aaa59021f1a6766765dcace5a8191437507709e1c
4e05a4d0c93f2aa6f63f75d5e665800c3050300201d216e089a6bc9001b0a740
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f47e252095b314336d303f2e1acd31307e9dcc1f771f02eb5520dd2680e4a6e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4ffed3cab99447796ac7e4d2cb14577c005b90c3dd0dfa0b5ab449bb4722ecf3
504aa7e7eb72cdecc3e80e4704c35395ce665e49adfa88537c204fb5731a19bd
53ca68561f8a79b91571146110c4c39f4135605dbf34f5d31a91317c4fa3f2f3
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54ada6642bd3d992a0ba5344658c617bcc44e865482e6f926f0fea523f879cc1
55da593c885b287fb2800a52282fc4e76a4a7153fb4d60488e7137ae0dafe10c
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
56c6ce9bec7419c555c18ca415e7c0985bd1ae0955a928cf6cba3eac553891c0
5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48
5983e827e154052ed408794c2a12d7f34ab01097c7c33f18615b9413d4817de6
5a221fd28a3008a265e11595111451b8c78e91d1bc64ac33701398e8bb3a94e6
5b626a8abe1ea98d365cafbd4de2ae43f3d012abffdf052b6cab9160acb27472
5bdbc168879aff04174096e814f24ab52584106593bdea1c74f62008f902cc5b
5d69e64e0b274296a1d46edfdc28e6e74d543f6ed9a3e689a2aefa393d6f2119
5da52842ffe445cffa09effec959e5b50c6b13c2b4e12c690594bd4b25074362
5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5
5e0aeb27ad5ec940a7b1049848d9ac96fcc00a34653745b7796d695f9f25f508
5e88101ac9d292a162c8310a3176c4ae596ee223995bf369b273dfa16225b7b5
5ed0d2d20ae7f1935071e1bc415929153f51155ad0c7ae6e917f12ec567f971c
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab
62d930d435b9d33ebf174c10b4a52cf4d8922fe63b3e38a3718d79be8069d518
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
688966c3a481f6f6867e350d3882f4df19687902adc581a4f6caf4770d18e11c
692f07094fa90b48e27d608d35e20835a07e419c9719a3dfe7f9ca469cea2542
6dd2fd43cbc6d06140d38548e76d09e8b592bad9d9ca0504232e567d0abaafb4
6e6f5ed735244dbcb93c0d840a067ee6fb5049e796ea63267154bee356bfc0eb
70ebb9144c5af4ee42974984bbca960806fc4d0e7aaf130b46d52e40cae3fc48
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74c623f6ed52cd20324fa3649c01ae2f8dc96e574131be3315e1692a9850616e
758866bd00ac25c9ca912a72e7ba5e0f1bd9a3f28304b6d22a0b0fa3a5ca1b6a
7683dfa55cc876b564c2d2deb44e0566181393fdc84e4ab459c7695a785ff0e5
77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716
77f703c4f140a4a24d0fb351cc4e36716ccc4e7c5cac201f28b09a31d5f84f67
78734487541493e9162a1fdfbff9e579ca7f5a8b00604d25f55cd662714444d9
790d680f91ab108467894f6da0a31951dbc2ce0f3fb4a4f607f7c9468ad1adf8
79ea56e3e0f80a917a3b17f3d852e5d71755a11eee8737a7d9ca6a0fc11def67
7a2dd21532e68bb69249e38f9f22315cd53843f618a78b6169c3ae64ac02294f
7af62401dc5271452d467abe72982e59a0157c6d847b66a2a6b8b166e058ede5
7d97913f09154a3af2d1337d5241697477b81b4d4e61a62d993bdda7e5279b06
7e18367e24645fc838b222bb8a2f9b22606b587147c100ca838849d0acb22375
7f861a95d110870c42d0b4063d179ebc6a5c548ea8251f41c68a3323ae75b411
803b1692fd9c85b6632516b4e11109da8a5dd8c1f167baa520593a995726749b
80895811af3152a0389ed8cbe21fd77bd3080990d828382247588ee769db9189
8158911bee973cb9936ede89160d5fdb3dc052e5f868e4f9bedea6c01baa8ddd
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
83aa3ecb7b747db5d4b18b939eaf48357bf34fc839b041de1173ed1c3b6bef36
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85bc8b741f9a0c97f1c7ee6315ea4691df5d25670c3213237172773a04c63754
861fe193370ceaf9cac223d12fa87c74fb5701edcbe64166ebb7925a65d17120
86caceb93bfaf11f4e8418bef2904cde8d4dbc7bbcd5d9f973422d1cbf76aee2
87be0db3511ad6477facd0bffc01046d1ce3807aa9c9fb3c80bc5ee1dacade85
8896ab96aab0cf27f6ddcc30b2b20b81aa4791467738c9dfc90f17a14592c713
8af74f027e61e94ebbcfa38f8307e22ccf6e83a95ebf199816a58dc4d095d181
8c0ef2287cabb4c07357f5925e6f8c95609e7abedc1194f70ecfeea5a65c7a01
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d523be55290938270eb94f009b516a6df34173b5d52ef13b27815742ae09058
8e92656bda791924ef589b0d6edb6b72dad8ca01943bd0bbe5c91b5be0d3f960
8ea59d63457097325222e236da47dbc8cb0075bc7dae3e905b6a5aae86bcc021
8ef19791fe4a6cdc23a5a645f382a2e830cef3b0f75f32a7e756dcb29b4df896
9007288706aafe9616f96be4e856fe91722056c40ea579bbfcd95993a6e82e34
94192424866461cfb1b0e1684654325dd00e5581cbb395d507d613bbb22fdbf9
949c7136efa355fe670800c0bc96bd6e6506cf214995d1ed4d138211d0009d03
94b0f2dde386b19e2cbf47a890e5235646c5ec5723787d4e46038df397221c8d
95a6503f27fa906e10efef5eb55297a9a4736074be4fee64df869cb8d5f2246a
969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8
97371649f7e7778d7508b1e33b59b907f5ddf6b194bc209ddcfe6d88d75d2436
974d566c42b758b3ce9e5f7a93113c1fd3944544149789d55235bd85ab9eeda8
97816b3ca3d676b5241a16fd6fb3f3e4050a3b99c914f0a66f0bcc074617ba80
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9b32d70e5fddcf04258980e20474ca1e96e1f938fdafc2cb5b6e9c74f6f41321
9bbe3b818686f25a13de66f2b80a68c3450de51a68a6487eb37f6e830d2b6306
9cf4df76a10bbe97ceaaa6248f514497eb1a579ab579eef5fcaeaeb7514aeba8
9de126c86ab04e2444b1e461734eee399230551be4368e8ff6fe5de13ec1e62e
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9fdf6ab9693bc6f584455926fc934c9b5aa51a635166c5420e508cdf8fd2883d
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a02ab9d3883933c49b321fb264b3e3a49630e5c7f10e6251fead1a76092a7903
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cb9b9b53b298e257947b582e752b131bc6a9a158bfd2fa380b235629b59957
a53563d515e1380750dd1ce3643fe0f40633a3117adae0a1119cfee929045046
a54881af4fc9b48716c5a62b0e245049b1195576e34bf01b3259deb347aece76
a5492c99e920c93dff325db29083a8110030187b57b75b485a9fcd1a9bedf522
a551108e994e0751be2d5b1c2e21238ba9207996d3f2f572cd7c7ffe1bc433a0
a55df048ccfc182ace0a4e5df7a0cba805dc9f62e98ee68601737e4e0ece0f9c
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6cb6aa21563738375691438210ff1014f8087918cebf6708375388b462d1b49
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74f29b600f7d391effcf36e42135399ab5402e2cc1b9489fcaf6dd33cf9949f
a78dc45cd6ff32228acf82c513e8c0b367d57c999ab1433f303d323b5536bb70
a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28
a85ffc7a2ffb70ca4dc053dd89331706f5506a43301d98214fdbd16513287528
a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae
a8be6abc4d57f07fd6283c28109a08d70216537088f8f3269590e1f94be4d499
a93e05934784b068b86d43136ad78e8eea35a21048a9209d0dfb7e2e5cd3ed1d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af3f977bffbdb7acbec32706fe43f897fcaecbb50638a9c701389e76aec3c246
b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b
b0b914b56dfc2f9e791a89a0f1168c966cffbc39010f60197d36e965adeb8a1f
b0cf5158206ffd499dd97fed1ebed3a4619776f2b217774119e11c7aa0e572b3
b14463d5ba2d89151d1e1c0913eae5f190f4b64703726e682d43d1ac2b97edde
b1a287382a07f02dc8771c6275a8c4228a4883b53cb51df86848ef2f1bebff67
b201a6bbcc2736786fe2a75fee058a2f87ca2e3edde344e195f9fc08b13eb7e1
b365f9b216aaa185d338b3d83f9c7ceda2fe7d56564a5efc047e98505a0f0048
b398fba13d57aad83e9edc5ea63a9f524f2a80e03ec1eecdb2ab9f6442b3bbcb
b48a64e9d5b25d96e38ae14d6ecaa50451028ee793078bb50dbfd6f9dbd7d3d8
b57139a86ad73af6f50be4ad57e6c8de7218d6622d3441e6796c00d0d9a6d961
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b9a8dba234d28039daae9bd2b823586d2d23be450d10d17658053e78bb4360f0
ba32e9da1c89370cf40812b29d8e0da45408f5ba42cc2c0203d3cc96773605cc
ba87af37dd315379fcd30b169176db6cef0cde052bacc4dbf556d8c72f7f33ee
bb73633f1cee75d4647a4bca2be901f2cd7ee479434264a963f761b9cfe3ba4f
bd044d6a97f6816be28fec361201ee9325772590024e7e6a1a42dc5382fca74f
c01e461f961a9c3251f826352492e94e01948087044abf6665d74334e8f91aba
c0cfc3e7aaa254035c81c6509e0e3b6b4bc69340bcc5d5410c8114b1faa2689a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2919b46841752622f3f4428cdea49b015e3cb258ccec4aefbcf6d447b8c4f34
c396e77bb7fe4c88471b731c3b0a2e50e074f6f21f3f806c4fc6c457f435bb74
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3d20606a1d5e9d0f6a59d9dbd87d514e2dd3e030c06f06e8d8e343dcc5c7ec5
c3da840f7a6235a91f38fcfaf0547093c7305d1c4e9a218b0797989fcba7e175
c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016
c971ec4829376335946d1beaa191f2c64a48e8954b422dea372c2d9029177b9b
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd5bcc0f8cb9c8f203c993ac3a906de642d5ed8746bb76d8d2cb87b707d39c09
cf45534e3774c86de9c6063f222a0bb72016bf74ae95dfa174ea9fbb0c1016a2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d42df60a88e2b93b22a1268e029bdc19439097c4540dec2cac6b72c154e3db4f
d47d85ccf0567b062133cac0fcaafa25b9e799587643571e141cb1f82b4b5994
d57e71cd8c5ed652eadbd40e4f4793d2dc70ab6d57386dc438ccfd3ae9843b6b
d6148fee4fe32d170514ae3e055ebd6439465f9a93ece4391e8bd465861b38bc
d6f308d101d4746f76981cd277ad2fd1132831d1cbcc9ff6c3f33568f7b9ae34
d775e28353e0652cedc190070e753c0414f897a9f5ae7bf52ad146c8289665ab
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc1f73bb79877b91d1b01af29663794faea0b8db82954a0cd16ae8526ad76bea
dc7eb957cfc56960562edc76ae07648155c089560891c3cf23dfc19166b6b3e5
dc9df82be86f8060ed72f3efb177a1898f63d938b68058c7b0262667ce07f996
dcb7f38e11a4d27d65879ee3be213baed3afaf7075d15e7c16098aea06fe3de2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dff01daed626ba5cceec848f483670a27c525643b6a3c26adb5796b668d1c253
e18990452c4660665ecc847701101844aca533110f763ad90a72c341c1df6639
e192ecbc789775a111d89b3dca636cf5d3b9817c5db524c87ff9ce5b304c7aff
e1bc56a25469e072d1936fd0b39a43585c4f0d23c9d6061aacbf06e012b8478a
e24788a1fc59c9797a8bdc71b28603961cef40d99920e49df79ea474f08114ab
e39450667326a2428870f6936073db4a593279a6153c4db65b3fd9d91ee89ec9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44421aff2827ea799f50b42ca6497acffe42f71a311d2980525192bb0dd4fad
e62d1a634d0ce661d433179a120506e87f812a7339789899d8395fae013bd033
e8ba18a674065c09346e3644a7d591211cdd12e6e895ebfdc1baefd28e6860d1
ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970
eb98681d6103144429920e83682e81717c3930c19c1e4cfe5e812e5a075cbf37
ec24db03a2e7826ce7beaf0e5759270d226e939d752244b1ce0138bff930aec7
ecad82d48a6a4d0daecf908e3c2391b7502beb5eb706338ee194f50bdc7f9e14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e9d1f0b1088aab5d79169246b47827261e6c987a4e5def66e55496b0fb6b36
f8c80862a8118a242ffd325663b56b8dfa5491ab50b0b9fec37d4ea692551141
fb5b7b664ee27b00154e949bbf1a17baa472b0527fef1a18a2e88532342342b6
fcb7f9541707070da99ccb825666ee9833f3ad568a14fcea88ccfc85aa44370b

eldeber.com.bo Open in urlscan Pro 38.131.2.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

389 Requests

98 %HTTPS

53 %IPv6

42 Domains

70 Subdomains

62 IPs

7 Countries

6855 kBTransfer

17358 kBSize

0 Cookies

14 Outgoing links

Page URL History

Redirected requests

389 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

eldeber.com.bo Open in urlscan Pro
38.131.2.17 Public Scan

Screenshot
Live screenshot

Full Image

389
Requests

98 %
HTTPS

53 %
IPv6

42
Domains

70
Subdomains

62
IPs

7
Countries

6855 kB
Transfer

17358 kB
Size

0
Cookies

389 HTTP transactions
8 data transactions