es.padventures.info Open in urlscan Pro
51.222.153.228 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://es.padventures.info/
Effective URL:
http://es.padventures.info/P%C3%A1gina_principal
Submission: On March 18 via api (March 18th 2024, 8:48:37 am UTC) from US — Scanned from CA

Summary HTTP 46 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 46 HTTP transactions. The main IP is 51.222.153.228, located in Canada and belongs to OVH, FR. The main domain is es.padventures.info.

This is the only time es.padventures.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	51.222.153.228 51.222.153.228	16276 (OVH) (OVH)
14	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
3	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
3	172.67.151.240 172.67.151.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.251.35.161 142.251.35.161	15169 (GOOGLE) (GOOGLE)
1	142.251.32.102 142.251.32.102	15169 (GOOGLE) (GOOGLE)
3 4	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.80.4 142.250.80.4	15169 (GOOGLE) (GOOGLE)
46	12

12 51.222.153.228 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: padventures.org

es.padventures.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.70 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.151.240 (United States)

ASN13335 (CLOUDFLARENET, US)

ctxtfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.ctxtfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.35.161 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.102 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.162 (Plainview, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.155 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.4 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	369 KB
12	padventures.info 1 redirects es.padventures.info	376 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 ad.doubleclick.net — Cisco Umbrella Rank: 164 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	45 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 626	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 269	3 KB
3	ctxtfl.com ctxtfl.com — Cisco Umbrella Rank: 21648 services.ctxtfl.com — Cisco Umbrella Rank: 22476	9 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 319	1 MB
46	8

	Domain	Requested by
14	pagead2.googlesyndication.com	es.padventures.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	es.padventures.info	1 redirects es.padventures.info
7	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	services.ctxtfl.com	ctxtfl.com
2	ad.doubleclick.net	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	ctxtfl.com	googleads.g.doubleclick.net
46	12

This site contains links to these domains. Also see Links.

Domain
www.padventures.org
www.facebook.com
padventures.org
www.mediawiki.org

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
ctxtfl.com E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
services.ctxtfl.com GTS CA 1P5	`2024-02-13` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://es.padventures.info/P%C3%A1gina_principal
Frame ID: 8A77E810AA223E7895C49882B189B2DD
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9162779708935553&output=html&h=90&slotname=4589147291&adk=2352085356&adf=1000323793&pi=t.ma~as.4589147291&w=728&lmt=1689648586&url=http%3A%2F%2Fes.padventures.info%2FP%25C3%25A1gina_principal&wgl=1&dt=1710751713053&bpp=205&bdt=172&idt=476&shv=r20240313&mjsv=m202403130201&ptt=5&saldr=sd&abxe=1&correlator=6743580730635&frm=20&pv=2&ga_vid=1928486831.1710751714&ga_sid=1710751714&ga_hid=983717444&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=528&ady=611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081794%2C44785295%2C44795922%2C95327950%2C95327954%2C95325784%2C21065725&oid=2&pvsid=220981229409062&tmod=2035554968&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=489
Frame ID: 93863397D83B9C54DBE7F777F3C66A32
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9162779708935553&output=html&adk=1812271804&adf=3025194257&lmt=1689648586&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fes.padventures.info%2FP%25C3%25A1gina_principal&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&dt=1710751713258&bpp=1&bdt=378&idt=306&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_slotnames=4589147291&nras=1&correlator=6743580730635&frm=20&pv=1&ga_vid=1928486831.1710751714&ga_sid=1710751714&ga_hid=983717444&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081794%2C44785295%2C44795922%2C95327950%2C95327954%2C95325784%2C21065725&oid=2&pvsid=220981229409062&tmod=2035554968&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Frame ID: B3A256996ACEF378A87C5A18D5686888
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEOGEjP0DGPeH4IgCMAE&v=APEucNXIi70cPansxTnOFktodFfiym1C3vdMpeahKrRYkTX4EgsEwVxWCCp9ay8qJm78vm4_8mF6O0EuAkasQZoqMs5gO-nyNA
Frame ID: D3CAD813C39C4915C4544B2A2A3DBC9C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 062C96D5E4F9EAF6B5DBD8358627448A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A279CE78C64466BC0E12D942160FD7FF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 42F0B473FD7A607BC49F9C8B43BACD38
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PAdventures.info

Page URL History Show full URLs

http://es.padventures.info/ HTTP 301
http://es.padventures.info/P%C3%A1gina_principal Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

65 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

2146 kB
Transfer

2883 kB
Size

12
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.padventures.org/forum/showthread.php?33804-Changelog
Title: http://www.padventures.org/forum/showthread.php?33804-Changelog

Search URL Search Domain Scan URL

URL: http://www.padventures.org/index.php/changelog
Title: http://www.padventures.org/index.php/changelog

Search URL Search Domain Scan URL

URL: https://www.facebook.com/padventuresofficial

Search URL Search Domain Scan URL

URL: http://www.padventures.org/index.php/p/v/gui_tm
Title: TM disponibles

Search URL Search Domain Scan URL

URL: http://www.padventures.org/index.php/p/v/abilities
Title: Habilidades pasivas de Pokémon

Search URL Search Domain Scan URL

URL: http://www.padventures.org/index.php/p/v/helditems
Title: Held Items

Search URL Search Domain Scan URL

URL: http://padventures.org/
Title: Padventures Main Page

Search URL Search Domain Scan URL

URL: http://www.mediawiki.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://es.padventures.info/ HTTP 301
http://es.padventures.info/P%C3%A1gina_principal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDw5oY_Y501PqLSwOYAVuio&google_cver=1

Request Chain 35

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zff-4kt3uXkAAA1LALH-jQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDuNlUxH9HQYEDAxBxWrjhg&google_cver=1

Request Chain 36

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEESHjgQjsnNBJk5J_3H-hJo&google_cver=1

Request Chain 37

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczMzA2OTkzMTI3NzA5NjM5Ng%3D%3D

46 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request P%C3%A1gina_principal Show response
es.padventures.info/
Redirect Chain

http://es.padventures.info/
http://es.padventures.info/P%C3%A1gina_principal

16 KB
16 KB

82ms
82ms

Document
text/html

51.222.153.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://es.padventures.info/P%C3%A1gina_principal

Protocol

HTTP/1.1

Server

51.222.153.228 , Canada, ASN16276 (OVH, FR),

Reverse DNS

padventures.org

Software

lighttpd/1.4.45 /

Resource Hash

3d8fd28f45a349b17781035d996df34062f48e11a639e0c502999d69398d642c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: private, must-revalidate, max-age=0
Content-Length: 16010
Content-language: es
Content-type: text/html; charset=UTF-8
Date: Mon, 18 Mar 2024 08:48:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Tue, 18 Jul 2023 02:49:46 GMT
Server: lighttpd/1.4.45
Vary: Accept-Encoding, Cookie
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge

Redirect headers

Cache-Control: private, must-revalidate, max-age=0
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Mar 2024 08:48:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Mon, 18 Mar 2024 08:48:32 GMT
Location: http://es.padventures.info/P%C3%A1gina_principal
Server: lighttpd/1.4.45
Vary: Accept-Encoding, Cookie
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK load.php
es.padventures.info/ 56 KB
57 KB 125ms
114ms Stylesheet
text/css 51.222.153.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://es.padventures.info/load.php?debug=false&lang=es&modules=mediawiki.legacy.commonPrint%2Cshared%7Cmediawiki.sectionAnchor%7Cmediawiki.skinning.interface%7Cskins.vector.styles&only=styles&skin=vector

Requested by

Host: es.padventures.info
URL: http://es.padventures.info/P%C3%A1gina_principal

Protocol

HTTP/1.1

Server

51.222.153.228 , Canada, ASN16276 (OVH, FR),

Reverse DNS

padventures.org

Software

lighttpd/1.4.45 /

Resource Hash

bccb798297c4ed1d0570183f0bb61adb37d2b1e02a9730dceaa3de8435c405ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/P%C3%A1gina_principal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:48:32 GMT
X-Content-Type-Options: nosniff
Server: lighttpd/1.4.45
ETag: W/"l6yh2vyb"
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300, s-maxage=300
Content-Length: 57768
Expires: Mon, 18 Mar 2024 08:53:32 GMT

GET
H/1.1 200
OK load.php
es.padventures.info/ 0
314 B 95ms
82ms Stylesheet
text/css 51.222.153.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://es.padventures.info/load.php?debug=false&lang=es&modules=site&only=styles&skin=vector

Requested by

Host: es.padventures.info
URL: http://es.padventures.info/P%C3%A1gina_principal

Protocol

HTTP/1.1

Server

51.222.153.228 , Canada, ASN16276 (OVH, FR),

Reverse DNS

padventures.org

Software

lighttpd/1.4.45 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/P%C3%A1gina_principal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:48:32 GMT
X-Content-Type-Options: nosniff
Server: lighttpd/1.4.45
ETag: W/"d1F3ajSh"
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300, s-maxage=300
Content-Length: 0
Expires: Mon, 18 Mar 2024 08:53:32 GMT

GET
H/1.1 200
OK load.php Show response
es.padventures.info/ 16 KB
17 KB 129ms
128ms Script
text/javascript 51.222.153.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://es.padventures.info/load.php?debug=false&lang=es&modules=startup&only=scripts&skin=vector

Requested by

Host: es.padventures.info
URL: http://es.padventures.info/P%C3%A1gina_principal

Protocol

HTTP/1.1

Server

51.222.153.228 , Canada, ASN16276 (OVH, FR),

Reverse DNS

padventures.org

Software

lighttpd/1.4.45 /

Resource Hash

e121e13b8ad0887bd814205eb81113fd23cf6841d391d6a0c8deff3e4eac2af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/P%C3%A1gina_principal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:48:33 GMT
X-Content-Type-Options: nosniff
Server: lighttpd/1.4.45
ETag: W/"zPa6qLzv"
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=300, s-maxage=300
Content-Length: 16699
Expires: Mon, 18 Mar 2024 08:53:33 GMT

GET
H/1.1 200
OK Lubie.png
es.padventures.info/images/7/71/ 4 KB
5 KB 61ms
49ms Image
image/png 51.222.153.228
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://es.padventures.info/images/7/71/Lubie.png
Requested by: Host: es.padventures.info
URL: http://es.padventures.info/P%C3%A1gina_principal
Protocol: HTTP/1.1
Server: 51.222.153.228 , Canada, ASN16276 (OVH, FR),
Reverse DNS: padventures.org
Software: lighttpd/1.4.45 /
Resource Hash: b798d478a6c0b0a46229a9ac13ec40d0ce9a57d63b87aa6acc473826c387ad9b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/P%C3%A1gina_principal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:48:32 GMT
Last-Modified: Thu, 10 Aug 2017 18:02:41 GMT
Server: lighttpd/1.4.45
Accept-Ranges: bytes
ETag: "1259978890"
Content-Length: 4459
Content-Type: image/png

GET
H/1.1 200
OK poweredby_mediawiki_88x31.png
es.padventures.info/resources/assets/ 3 KB
4 KB 61ms
49ms Image
image/png 51.222.153.228
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://es.padventures.info/resources/assets/poweredby_mediawiki_88x31.png
Requested by: Host: es.padventures.info
URL: http://es.padventures.info/P%C3%A1gina_principal
Protocol: HTTP/1.1
Server: 51.222.153.228 , Canada, ASN16276 (OVH, FR),
Reverse DNS: padventures.org
Software: lighttpd/1.4.45 /
Resource Hash: 5905c6ff4b5617abf09cb17641a6cbf4291607ea31a3a2db03b65edbfcebee9a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/P%C3%A1gina_principal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:48:32 GMT
Last-Modified: Thu, 10 Aug 2017 18:02:52 GMT
Server: lighttpd/1.4.45
Accept-Ranges: bytes
ETag: "2148750207"
Content-Length: 3525
Content-Type: image/png

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 25 KB
11 KB 120ms
107ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: es.padventures.info
URL: http://es.padventures.info/P%C3%A1gina_principal

Protocol

HTTP/1.1

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

09b5b7b06093a2765a78a6e37e16df6f293b4237d6f51962f7ff9e99eeb044b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:48:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12175192092881322413
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 10803
X-XSS-Protection: 0
Expires: Mon, 18 Mar 2024 08:48:32 GMT

GET
DATA 200
OK truncated
/ 174 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74d7aa0346dd719a960134bcb0356bbbc0c1b6e13f518f2c1062c39176bae1c3

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef9ed4adcba4950bf4be0556283131eedd7c629de1821c8c3967c7f70d971596

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 125 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea40f4f405204f6403c97a6ad2b2f06ba2bfe2fe42e85ac28a9d59ded147721f

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5c93392a3c0f220ef2b82c5583b507543b573b9312d90dcbed4696408939029

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 117 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f6a53a2a290646fa64b9f2abd28aed4354621899da4b04c113ac90141939237

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 94 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa86b811027fd5dc20c28c65551d994c8afa3b9430fd246c2f98a069736f272a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d047d5437d50995f760b9738dc77a0e457b6713e1dc0355a0b5f18fbb5cb3c83

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 404
Not Found header.png
es.padventures.info/skins/skins/ 345 B
345 B 30ms
30ms Image
text/html 51.222.153.228
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://es.padventures.info/skins/skins/header.png
Requested by: Host: es.padventures.info
URL: http://es.padventures.info/load.php?debug=false&lang=es&modules=mediawiki.legacy.commonPrint%2Cshared%7Cmediawiki.sectionAnchor%7Cmediawiki.skinning.interface%7Cskins.vector.styles&only=styles&skin=vector
Protocol: HTTP/1.1
Server: 51.222.153.228 , Canada, ASN16276 (OVH, FR),
Reverse DNS: padventures.org
Software: lighttpd/1.4.45 /
Resource Hash: beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/load.php?debug=false&lang=es&modules=mediawiki.legacy.commonPrint%2Cshared%7Cmediawiki.sectionAnchor%7Cmediawiki.skinning.interface%7Cskins.vector.styles&only=styles&skin=vector
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:48:33 GMT
Server: lighttpd/1.4.45
Content-Length: 345
Content-Type: text/html

GET
DATA 200
OK truncated
/ 96 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92cfdc842c5a7d694e7caa258784b29203842c5d21df1af2a332fd4a62cc8440

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 158ms
98ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

699af2b7a7b1edfdbffb53d6d1b5494fb438ed7dcc5ee920b9d56bcc8fc8c14b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 08:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50751
x-xss-protection: 0
server: cafe
etag: 4272687197925885335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 18 Mar 2024 08:48:33 GMT

GET
H/1.1 200
OK load.php Show response
es.padventures.info/ 173 KB
174 KB 42ms
42ms Script
text/javascript 51.222.153.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://es.padventures.info/load.php?debug=false&lang=es&modules=jquery%2Cmediawiki&only=scripts&skin=vector&version=giLmetGT

Requested by

Host: es.padventures.info
URL: http://es.padventures.info/load.php?debug=false&lang=es&modules=startup&only=scripts&skin=vector

Protocol

HTTP/1.1

Server

51.222.153.228 , Canada, ASN16276 (OVH, FR),

Reverse DNS

padventures.org

Software

lighttpd/1.4.45 /

Resource Hash

d3335e798a08338c1d70a49f16cca90e41a5fe0ba121b0deff37a79e634a0aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/P%C3%A1gina_principal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:48:33 GMT
X-Content-Type-Options: nosniff
Server: lighttpd/1.4.45
ETag: W/"giLmetGT"
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2592000, s-maxage=2592000
Content-Length: 177409
Expires: Wed, 17 Apr 2024 08:48:33 GMT

GET
H/1.1 200
OK load.php Show response
es.padventures.info/ 17 KB
17 KB 44ms
44ms Script
text/javascript 51.222.153.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://es.padventures.info/load.php?debug=false&lang=es&modules=jquery.accessKeyLabel%2Cclient%7Cmediawiki.RegExp%2Cnotify%2Cutil%7Cmediawiki.legacy.wikibits&skin=vector&version=a4bf43dba1fa

Requested by

Host: es.padventures.info
URL: http://es.padventures.info/load.php?debug=false&lang=es&modules=jquery%2Cmediawiki&only=scripts&skin=vector&version=giLmetGT

Protocol

HTTP/1.1

Server

51.222.153.228 , Canada, ASN16276 (OVH, FR),

Reverse DNS

padventures.org

Software

lighttpd/1.4.45 /

Resource Hash

9b0b28ce05561b6e334bd5de4b2227ec0256cd020d48c5c404e8fa9d39b3e7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/P%C3%A1gina_principal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:48:33 GMT
X-Content-Type-Options: nosniff
Server: lighttpd/1.4.45
ETag: W/"KYS5Wal2"
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2592000, s-maxage=2592000
Content-Length: 17025
Expires: Wed, 17 Apr 2024 08:48:33 GMT

GET
H/1.1 200
OK load.php Show response
es.padventures.info/ 8 KB
8 KB 45ms
45ms Script
text/javascript 51.222.153.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://es.padventures.info/load.php?debug=false&lang=es&modules=jquery.tabIndex%2Cthrottle-debounce%7Cmediawiki.page.startup%7Cskins.vector.js&skin=vector&version=3f153840397f

Requested by

Host: es.padventures.info
URL: http://es.padventures.info/load.php?debug=false&lang=es&modules=jquery%2Cmediawiki&only=scripts&skin=vector&version=giLmetGT

Protocol

HTTP/1.1

Server

51.222.153.228 , Canada, ASN16276 (OVH, FR),

Reverse DNS

padventures.org

Software

lighttpd/1.4.45 /

Resource Hash

227ab45952e97647cd9b57b66d8a380e8e2e4db50bdf8f6bd9cdaaaeaae74431

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/P%C3%A1gina_principal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:48:33 GMT
X-Content-Type-Options: nosniff
Server: lighttpd/1.4.45
ETag: W/"PxU4QDl/"
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2592000, s-maxage=2592000
Content-Length: 7977
Expires: Wed, 17 Apr 2024 08:48:33 GMT

GET
H/1.1 200
OK load.php Show response
es.padventures.info/ 79 KB
79 KB 52ms
52ms Script
text/javascript 51.222.153.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://es.padventures.info/load.php?debug=false&lang=es&modules=jquery.checkboxShiftClick%2Ccookie%2CgetAttrs%2ChighlightText%2CmakeCollapsible%2Cmw-jump%2Cplaceholder%2Csuggestions%7Cmediawiki.action.view.postEdit%7Cmediawiki.api%2Ccldr%2Ccookie%2CjqueryMsg%2Clanguage%2CsearchSuggest%2Ctemplate%2Cuser%7Cmediawiki.language.data%2Cinit%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Csite%7Cuser.defaults&skin=vector&version=583376164266

Requested by

Host: es.padventures.info
URL: http://es.padventures.info/load.php?debug=false&lang=es&modules=jquery%2Cmediawiki&only=scripts&skin=vector&version=giLmetGT

Protocol

HTTP/1.1

Server

51.222.153.228 , Canada, ASN16276 (OVH, FR),

Reverse DNS

padventures.org

Software

lighttpd/1.4.45 /

Resource Hash

799e48e33b7e6d1742d0add66f86e1e9244d5075567a52b06f9d3e8ddf7be464

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/P%C3%A1gina_principal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:48:33 GMT
X-Content-Type-Options: nosniff
Server: lighttpd/1.4.45
ETag: W/"u20TMO3f"
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2592000, s-maxage=2592000
Content-Length: 80771
Expires: Wed, 17 Apr 2024 08:48:33 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 405 KB
138 KB 112ms
111ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

f48d5807b4a98e3412650fcde60cdfe64cc058c99b07a68650c13987692f0b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 08:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140963
x-xss-protection: 0
server: cafe
etag: 16673226874405011165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 08:48:33 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9386 93 KB
43 KB 499ms
438ms Document
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9162779708935553&output=html&h=90&slotname=4589147291&adk=2352085356&adf=1000323793&pi=t.ma~as.4589147291&w=728&lmt=1689648586&url=http%3A%2F%2Fes.padventures.info%2FP%25C3%25A1gina_principal&wgl=1&dt=1710751713053&bpp=205&bdt=172&idt=476&shv=r20240313&mjsv=m202403130201&ptt=5&saldr=sd&abxe=1&correlator=6743580730635&frm=20&pv=2&ga_vid=1928486831.1710751714&ga_sid=1710751714&ga_hid=983717444&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=528&ady=611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081794%2C44785295%2C44795922%2C95327950%2C95327954%2C95325784%2C21065725&oid=2&pvsid=220981229409062&tmod=2035554968&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=489

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

78f455f078fdcf29c57e7ac1137899c68f21b9b1c594f2cecfeb16bab82fe90d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://es.padventures.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44021
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 08:48:34 GMT
expires: Mon, 18 Mar 2024 08:48:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B3A2 0
466 B 74ms
41ms Document
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9162779708935553&output=html&adk=1812271804&adf=3025194257&lmt=1689648586&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fes.padventures.info%2FP%25C3%25A1gina_principal&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&dt=1710751713258&bpp=1&bdt=378&idt=306&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_slotnames=4589147291&nras=1&correlator=6743580730635&frm=20&pv=1&ga_vid=1928486831.1710751714&ga_sid=1710751714&ga_hid=983717444&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081794%2C44785295%2C44795922%2C95327950%2C95327954%2C95325784%2C21065725&oid=2&pvsid=220981229409062&tmod=2035554968&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://es.padventures.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 08:48:33 GMT
expires: Mon, 18 Mar 2024 08:48:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9386 42 B
63 B 94ms
93ms Image
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJZL_DOZW9YCkYs5VX5ZLLgzJV-kAuccgAewfqZUvWzI0c4FBhUDhI8DpqN0TtH2xa9JJ-B7PP8eotQBtg3dhdA4lqK_WHvOHbUVyeRcdbQdI9fwA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9162779708935553&output=html&h=90&slotname=4589147291&adk=2352085356&adf=1000323793&pi=t.ma~as.4589147291&w=728&lmt=1689648586&url=http%3A%2F%2Fes.padventures.info%2FP%25C3%25A1gina_principal&wgl=1&dt=1710751713053&bpp=205&bdt=172&idt=476&shv=r20240313&mjsv=m202403130201&ptt=5&saldr=sd&abxe=1&correlator=6743580730635&frm=20&pv=2&ga_vid=1928486831.1710751714&ga_sid=1710751714&ga_hid=983717444&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=528&ady=611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081794%2C44785295%2C44795922%2C95327950%2C95327954%2C95325784%2C21065725&oid=2&pvsid=220981229409062&tmod=2035554968&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=489

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 08:48:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D3CA 624 B
509 B 104ms
103ms Document
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEOGEjP0DGPeH4IgCMAE&v=APEucNXIi70cPansxTnOFktodFfiym1C3vdMpeahKrRYkTX4EgsEwVxWCCp9ay8qJm78vm4_8mF6O0EuAkasQZoqMs5gO-nyNA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9162779708935553&output=html&h=90&slotname=4589147291&adk=2352085356&adf=1000323793&pi=t.ma~as.4589147291&w=728&lmt=1689648586&url=http%3A%2F%2Fes.padventures.info%2FP%25C3%25A1gina_principal&wgl=1&dt=1710751713053&bpp=205&bdt=172&idt=476&shv=r20240313&mjsv=m202403130201&ptt=5&saldr=sd&abxe=1&correlator=6743580730635&frm=20&pv=2&ga_vid=1928486831.1710751714&ga_sid=1710751714&ga_hid=983717444&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=528&ady=611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081794%2C44785295%2C44795922%2C95327950%2C95327954%2C95325784%2C21065725&oid=2&pvsid=220981229409062&tmod=2035554968&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=489
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 08:48:34 GMT
expires: Mon, 18 Mar 2024 08:48:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 9386 23 KB
9 KB 29ms
28ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:06 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/ Frame 9386 8 KB
3 KB 30ms
30ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:06 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 9386 0
0 156ms
96ms Fetch
image/gif 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu6TfA5NTGfws1WPGB-okQ6KMEEv8rDcaJHPLpedrXcKUMzAKeb-H_RuEPZgwm9hUz-1oEmIAJJeoJ61K0ISpDAVtFe1lhVNy6I56Ka7901Pzh9xURKsYPoa15-KWtbxK_RXsfhdjop-WcFrI4hTXjvhCMPwaHdHnHXwUR7KywZ7WBBhT75SIz1BiuCPZU9GGpj2zwBNmRfKiq-Yc7x6W5DYLPWe63e9_3XXm09BT0wnssGmxI0vKaO9-bK7uhfJOt4ItB_rQsFKEix9TPQ8bvGv-37a_rzw-9iCjboUkMUKqqTSQjosPiPx0iThRFtOkMI101-bNt6qsAsvIOS1G-kPF-Gj67-GwCnTNwE1Cg2DY4vtiPAGFSYjgMjRtqkXD37BNyagYTHNZ3BFgxUwC4aO2G0W8r-ot0pdgNFVMnakWswyVsy_XeuaJCXMEOhj45qIRaIwP6jyIWuBQHI7itgvMVB3ALlMSQBJKs4xqsLbgsT66fFDzj6IM3tfb3duK-lQjpJZV4QZAABIdJUcGRJJq1PHdfs5s6n_Z4CHM-2YeIsf1Hq830OCTAU5IAV2Zcu1WSX8FspXhh7oiMeXLNOezeqVNTBovxp14VbyOTSUa69eRt8LSB5XmXsAVyTeZ6KCEPnkkVEHV3IVj2obTh9mH38Q5TE6GoItFAhUZzxC8nfgX7lGBIXO-3HxgVTAQMvRAGD8N1LAy4vTPdA4JkebdrDs08BhytFVoRNX6MHekbPFVxviUoeJ34sazZIbgzobB8hkwE2l97-Df6p4i1vY9Bt4NQN5tHBNbmv6oo8TGvw78EZCl8PFv24OmbSZ40wZNNfUl9GxMqxR5NIg1g12gtDnLVyau_yJ5lXjCvbaek2hCZkZuBvrWqlhZRwk2Y4qSQIDkQdYok4lQ3ND3T0-JKkBm9d9YqKlm-iAPBoNjOTo3O0Mto-wWd3vcoFTp8e3RCw9EZmZ0S_-wOYTFQ1FUbCjZ26teidOxX_urs079ZK5t-snJJT3uSSoyoOMkgSoCMKbCRS8b_3LFkTvtFi9paXW0CzumZ77sYVhki0FFCDVCJBdyyHdymop_eV-RnXRxG68zfbjXCIki45pnCNornAaWYruPEOHa2-zgQ69-QCpU9UuzZliEY35ykxxeAsulNDrYWjI0XwQxY3ISs3DKMm9zZlRcknr4-rjK-g9G7C0JZ4xshL8dM6P16r6YUNsoqD1rV_Guta1X0qSDhA6-bbxMGq16GksriRe3XaPcnLqeLLO1AJT6-e6F45XmGK_cZ1a6Z0khf6r6mXBNGM71PK6qgeXdRFxNx9mtBslCQ5g4-Sdo8PAVKhKobd9mUlAKy5ZHqe-2GX2rP13WQPdF0keSzufhMzTwKK5n9JvYk3FiJTI0r1t5HIT8FsVYD3hA0yjcvoG0SrebbgRFI&sai=AMfl-YSGsC8kddpNxXAm27FJgmKZhCtMCdNqLIUFMeKbM5tAiQj4U9wqS035f_m0vdiZeLmwy0dfigW3gTK83QsRUTokUZcQiarM5oInYKm-IsjPJBbVVS87K3y0WjCzBwUnFe5gpElivMMvZDf4lmYIhSZwoCTdcdZssIF8472fRqvZ2YL5bT_ZHvmieMkpUoFSDgubA_TdEFEN0WQpUeSWyov8PwBioFVTViOfu8769yi6NpqmQgWkPT4l0WYw5ygtVCj6h7EhGlDg13zoYtlRjNOZO0ENYn3vxidbKnkAQQduGAV4OmyGrXwj5JdAg7i1WSEWkrRXiAdrwaeaPcBusup8eoXF3F-t1I8cD40tD-5HBbvtogwiCPKBPY4UpzHTYOgyaRDCSWh5Ao17r14uAVVUgKUaMhqJHOI1TuAP-FPpAMz15hnzgQCYtAG2c0N5nSI0QidJqpFdAqfWDkj4ftp_9o9IqsWbfERE2IznrhoA6Z1O5tL3r-uBbz5NWedSj2PU5rIDZ6UYnQ&sig=Cg0ArKJSzKT9HahbVeYPEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9mb29kYmFzaWNzLmNh&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240313.46114&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 18 Mar 2024 08:48:34 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 18 Mar 2024 08:48:34 GMT

GET
H2 200 m.js Show response
ctxtfl.com/scripts/js/ Frame 9386 18 KB
8 KB 98ms
52ms Script
text/javascript 172.67.151.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020OH5CPafVYZG18v6tcLr&cb=2918642823&adv=12422844&buy=30687428&cid=211955443&pid=389124576
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9162779708935553&output=html&h=90&slotname=4589147291&adk=2352085356&adf=1000323793&pi=t.ma~as.4589147291&w=728&lmt=1689648586&url=http%3A%2F%2Fes.padventures.info%2FP%25C3%25A1gina_principal&wgl=1&dt=1710751713053&bpp=205&bdt=172&idt=476&shv=r20240313&mjsv=m202403130201&ptt=5&saldr=sd&abxe=1&correlator=6743580730635&frm=20&pv=2&ga_vid=1928486831.1710751714&ga_sid=1710751714&ga_hid=983717444&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=528&ady=611&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081794%2C44785295%2C44795922%2C95327950%2C95327954%2C95325784%2C21065725&oid=2&pvsid=220981229409062&tmod=2035554968&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=489
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.151.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2ad9d56e3878adff4467713afb0dca41e14363d3f4459f228169d9fa5d68d0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-encoding: br
age: 6131
cdn-storageserver: NY-267
cdn-pullzone: 1590819
cx-edge-cache-status: HIT
cx-request-id: bri-0e40317c-1696-41a3-8f36-2fc12137e88b
cdn-proxyver: 1.04
cdn-fileserver: 717
etag: W/"65ba9ac4-48be"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=604800, s-maxage=43200
access-control-allow-headers: *
cdn-requestcountrycode: CA
expires: Mon, 25 Mar 2024 08:48:34 GMT
date: Mon, 18 Mar 2024 08:48:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 940
cx-browser-cache-status: ADD
cdn-cachedat: 03/06/2024 20:14:16
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 Jan 2024 19:08:52 GMT
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=326hJQasqpZVmtDHNJtJbXWeY7v6bBR91mLkoI1tVylv3u161e8H%2F1TjFbDX0Q1LIVIblIdjEtQ8GV58srbFGcD2GrpAV6vZVdyJ9S0RuWrwKlTSTmh%2B3ASTXw7r"}],"group":"cf-nel","max_age":604800}
cdn-uid: 51c20a3a-64d7-4cb2-9bb8-083e1e284af0
cdn-requestid: cfb14fcd6d3bb1fab8cbbc373d3df844
cf-ray: 8663f6e55e3b3a00-YYZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9386 41 KB
14 KB 101ms
30ms Script
text/javascript 142.251.35.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:50:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 388655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 20:50:59 GMT

GET
H2 200 2131293085049015956
s0.2mdn.net/simgad/ Frame 9386 1 MB
1 MB 88ms
27ms Image
image/gif 142.251.32.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2131293085049015956

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.102 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f6.1e100.net

Software

sffe /

Resource Hash

6cd9e3526d7e0e1e4a75786716d09174e1412fe35597703af7593541cfbd8ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 14 Mar 2025 04:08:32 GMT
date: Thu, 14 Mar 2024 04:08:32 GMT
x-content-type-options: nosniff
age: 362402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1375210
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 21:48:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 9386 3 KB
1 KB 107ms
40ms Script
text/javascript 142.251.35.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 9386 20 KB
8 KB 94ms
27ms Script
text/javascript 142.251.35.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f1.1e100.net

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:05 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9386 208 KB
63 KB 27ms
26ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 08:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 09:36:58 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D3CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDw5oY_Y501PqLSwOYAVuio&google_cver=1

43 B
770 B

39ms
39ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDw5oY_Y501PqLSwOYAVuio&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEOGEjP0DGPeH4IgCMAE&v=APEucNXIi70cPansxTnOFktodFfiym1C3vdMpeahKrRYkTX4EgsEwVxWCCp9ay8qJm78vm4_8mF6O0EuAkasQZoqMs5gO-nyNA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 08:48:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z2v9N1mT%2BpPy0GcLqxcx84ydDK70MOd8lqP6xcgtjYLptE0NfpkcmTiFXYOzU1KPTn%2BscVpGnVETR6GwyIL6ScHGdzZbomclkjKfwxxDZlzxZphOMlQQLZocppc2Q7uTFia4k%2FJrzx7%2F0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8663f6e64e18a252-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 18 Mar 2024 08:48:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDw5oY_Y501PqLSwOYAVuio&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D3CA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zff-4kt3uXkAAA1LALH-jQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDuNlUxH9HQYEDAxBxWrjhg&google_cver=1

43 B
733 B

39ms
37ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDuNlUxH9HQYEDAxBxWrjhg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEOGEjP0DGPeH4IgCMAE&v=APEucNXIi70cPansxTnOFktodFfiym1C3vdMpeahKrRYkTX4EgsEwVxWCCp9ay8qJm78vm4_8mF6O0EuAkasQZoqMs5gO-nyNA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 08:48:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tU3eoIajVcw8QkOU8Ve6vMfIZLvDTqLzkLO0%2B%2FEsN6mP1yhLDKOr8HiQZ%2FZ%2BsknZ38nd9SSARFQb3gHiTnzLmIdFoDjVBEwIhadMCBlRTMkv9If2sat5pqZT163i5dCVesUnci4vtoc9iw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8663f6e6bea3a252-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 18 Mar 2024 08:48:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDuNlUxH9HQYEDAxBxWrjhg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D3CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEESHjgQjsnNBJk5J_3H-hJo&google_cver=1

43 B
1 KB

34ms
34ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEESHjgQjsnNBJk5J_3H-hJo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEOGEjP0DGPeH4IgCMAE&v=APEucNXIi70cPansxTnOFktodFfiym1C3vdMpeahKrRYkTX4EgsEwVxWCCp9ay8qJm78vm4_8mF6O0EuAkasQZoqMs5gO-nyNA

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 08:48:34 GMT
an-x-request-uuid: 9d2cbe06-da20-4ca0-8303-eb3af30bf577
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 86.48.14.121; 86.48.14.121; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Mar 2024 08:48:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEESHjgQjsnNBJk5J_3H-hJo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D3CA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczMzA2OTkzMTI3NzA5NjM5Ng%3D%3D

170 B
188 B

42ms
42ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczMzA2OTkzMTI3NzA5NjM5Ng%3D%3D

Requested by

Protocol

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 08:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Mar 2024 08:48:34 GMT
an-x-request-uuid: e246fea5-2566-4b65-8ed9-92b32556c6fd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczMzA2OTkzMTI3NzA5NjM5Ng%3D%3D
x-proxy-origin: 86.48.14.121; 86.48.14.121; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cracq Show response
services.ctxtfl.com// Frame 9386 18 B
297 B 53ms
53ms XHR
text/html 172.67.151.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.ctxtfl.com//cracq
Requested by: Host: ctxtfl.com
URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020OH5CPafVYZG18v6tcLr&cb=2918642823&adv=12422844&buy=30687428&cid=211955443&pid=389124576
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.151.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: application/octet-stream

Response headers

date: Mon, 18 Mar 2024 08:48:34 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9E%2Bilyw1ERp4vFWAs6osvGOXjIBcSKAZ9cN0tMTNvLJqbGM0mB2spPdlHuqw%2Bey30XRWXU%2BVslfIjJ3uCyYo5gml6N8W4CZM%2BXV%2BCtD3z%2F67rAVrIkW01tEhJ8YpGlM09K63T%2FW4"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cf-ray: 8663f6e66bb97115-YYZ
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 cracq
services.ctxtfl.com// Frame 0
0 101ms
55ms Preflight
text/html 172.67.151.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.ctxtfl.com//cracq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.151.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8663f6e60b9b7115-YYZ
content-encoding: br
content-type: text/html
date: Mon, 18 Mar 2024 08:48:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UXX7RKRQonZT1AUobEXhnnBxfATIoTySgFZLs4BwoCV7a47hRMzpNsXNk3gzm7M%2BhX%2BWt7XsuAieE7qSeoOWV2BgPZh2JwV5KjxD2UElSVvYucXb67jaQqe8qRfVSOgR3Zp5VvRa"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 062C 38 KB
13 KB 28ms
24ms Document
text/html 142.251.35.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 388400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 20:55:14 GMT
expires: Thu, 13 Mar 2025 20:55:14 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9386 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbae5abdf55bb5fd1b5065f7e4a2e1e2f32f54f37f441bc3a7aa3a24503f3b64

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 9386 0
0 89ms
89ms Fetch
image/gif 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu6TfA5NTGfws1WPGB-okQ6KMEEv8rDcaJHPLpedrXcKUMzAKeb-H_RuEPZgwm9hUz-1oEmIAJJeoJ61K0ISpDAVtFe1lhVNy6I56Ka7901Pzh9xURKsYPoa15-KWtbxK_RXsfhdjop-WcFrI4hTXjvhCMPwaHdHnHXwUR7KywZ7WBBhT75SIz1BiuCPZU9GGpj2zwBNmRfKiq-Yc7x6W5DYLPWe63e9_3XXm09BT0wnssGmxI0vKaO9-bK7uhfJOt4ItB_rQsFKEix9TPQ8bvGv-37a_rzw-9iCjboUkMUKqqTSQjosPiPx0iThRFtOkMI101-bNt6qsAsvIOS1G-kPF-Gj67-GwCnTNwE1Cg2DY4vtiPAGFSYjgMjRtqkXD37BNyagYTHNZ3BFgxUwC4aO2G0W8r-ot0pdgNFVMnakWswyVsy_XeuaJCXMEOhj45qIRaIwP6jyIWuBQHI7itgvMVB3ALlMSQBJKs4xqsLbgsT66fFDzj6IM3tfb3duK-lQjpJZV4QZAABIdJUcGRJJq1PHdfs5s6n_Z4CHM-2YeIsf1Hq830OCTAU5IAV2Zcu1WSX8FspXhh7oiMeXLNOezeqVNTBovxp14VbyOTSUa69eRt8LSB5XmXsAVyTeZ6KCEPnkkVEHV3IVj2obTh9mH38Q5TE6GoItFAhUZzxC8nfgX7lGBIXO-3HxgVTAQMvRAGD8N1LAy4vTPdA4JkebdrDs08BhytFVoRNX6MHekbPFVxviUoeJ34sazZIbgzobB8hkwE2l97-Df6p4i1vY9Bt4NQN5tHBNbmv6oo8TGvw78EZCl8PFv24OmbSZ40wZNNfUl9GxMqxR5NIg1g12gtDnLVyau_yJ5lXjCvbaek2hCZkZuBvrWqlhZRwk2Y4qSQIDkQdYok4lQ3ND3T0-JKkBm9d9YqKlm-iAPBoNjOTo3O0Mto-wWd3vcoFTp8e3RCw9EZmZ0S_-wOYTFQ1FUbCjZ26teidOxX_urs079ZK5t-snJJT3uSSoyoOMkgSoCMKbCRS8b_3LFkTvtFi9paXW0CzumZ77sYVhki0FFCDVCJBdyyHdymop_eV-RnXRxG68zfbjXCIki45pnCNornAaWYruPEOHa2-zgQ69-QCpU9UuzZliEY35ykxxeAsulNDrYWjI0XwQxY3ISs3DKMm9zZlRcknr4-rjK-g9G7C0JZ4xshL8dM6P16r6YUNsoqD1rV_Guta1X0qSDhA6-bbxMGq16GksriRe3XaPcnLqeLLO1AJT6-e6F45XmGK_cZ1a6Z0khf6r6mXBNGM71PK6qgeXdRFxNx9mtBslCQ5g4-Sdo8PAVKhKobd9mUlAKy5ZHqe-2GX2rP13WQPdF0keSzufhMzTwKK5n9JvYk3FiJTI0r1t5HIT8FsVYD3hA0yjcvoG0SrebbgRFI&sai=AMfl-YSGsC8kddpNxXAm27FJgmKZhCtMCdNqLIUFMeKbM5tAiQj4U9wqS035f_m0vdiZeLmwy0dfigW3gTK83QsRUTokUZcQiarM5oInYKm-IsjPJBbVVS87K3y0WjCzBwUnFe5gpElivMMvZDf4lmYIhSZwoCTdcdZssIF8472fRqvZ2YL5bT_ZHvmieMkpUoFSDgubA_TdEFEN0WQpUeSWyov8PwBioFVTViOfu8769yi6NpqmQgWkPT4l0WYw5ygtVCj6h7EhGlDg13zoYtlRjNOZO0ENYn3vxidbKnkAQQduGAV4OmyGrXwj5JdAg7i1WSEWkrRXiAdrwaeaPcBusup8eoXF3F-t1I8cD40tD-5HBbvtogwiCPKBPY4UpzHTYOgyaRDCSWh5Ao17r14uAVVUgKUaMhqJHOI1TuAP-FPpAMz15hnzgQCYtAG2c0N5nSI0QidJqpFdAqfWDkj4ftp_9o9IqsWbfERE2IznrhoA6Z1O5tL3r-uBbz5NWedSj2PU5rIDZ6UYnQ&sig=Cg0ArKJSzKT9HahbVeYPEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9mb29kYmFzaWNzLmNh&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=177&vt=11&dtpt=176&dett=2&cstd=0&cisv=r20240313.46114&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 08:48:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Mar 2024 08:48:34 GMT

GET
H3 200 XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js Show response
pagead2.googlesyndication.com/bg/ Frame 062C 51 KB
20 KB 27ms
26ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

sffe /

Resource Hash

5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 388005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20251
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 21:01:49 GMT

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 681ca95af4fb59ae89d31a01f01d3e04827467d36c32388bdab5bbf4881c58e2

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 166ms
112ms XHR
application/json 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

d177668a97e4a87e5587d322ea124e37a48922075f54ee8918c6d11a1f0effa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 08:48:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12385
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 062C 0
20 B 87ms
87ms Image
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCADQ4f_3ZeSHJ_ztxtYP0KePkAYAAAAAOAHgBAI&bg=!NDelN3jNAAb_2pXa39o7ADQBe5WfOMdTt0B5StOmSRieyYmlsOS1_GQPXiDsVL7UfocJclA2X8I_h_acekFSeZUpW8v_AgAAAEpSAAAABGgBBwoAOD9VtEXD7GcPFe-Zrh4gLgpet4QE5PKlxvm1Rw0ouibJk7UzNiLoLewGccuaPe6qZDf9abSEo9g_mQLifhHU0muL2UtF1Ln7CpU-hH9QK_N3jEQomapn1Kc6QmKf-EdVfq-OESdRJTzOdbUDE2zksYUDa17-LKVBAhsj4oW6pfgMmUJw9Fi7a2Vt_4NPkl_V23j2HMRQuxQSQ-Y2OPSER6ILGLSOpSnacZ8l3A92kpcpewc0VE-B_gda3D9cctJc_TpAjr1LjFiHOgAeio71Hv02f1rA7BnrouFp-LRY-L1bOjilh-mYaDAE-k0ktsDJPJ5y02p1XzGt304_kHaB0EHWvwlDsFk9xUj_2bsaPS7aHYPDMX8MDATgCXjW5cUwNkQiD95o4HpbfW7G1o-m-0QetQ0kb6Ln68uxjL_9Vh5gnYnGxGvL6NBSlW6h0X7e6Svzp36gJNJZ8qXigMnlXdWidb7FpprbJdumbqBwwIZlISKbUJQ5gom1tb4SQ374BChuh_ntwawIL4bUEQJejzsiSKd_PcTEAkqpFHRHYFr1prp3ShtfKlzwUf1EtolbEjJZvokYiqCSSI64vPyk39_5cgA4NM4OWC_0vCyEcVNlnKuwLFHSrX7eLjKzfkXxCnizySKelGaAeet5ikOkAhAS8ZCNhSLLYl-zfiBRamaAiJEa_BOWF1DMtwOh73g5FUieUMPMHxxgN5xp9n75b5srGVTcHKJkYLDHw5cOf3W31RY7EzXEPMZkkWcakUuvrESrGDL3kwcMmYde8JXbpCJWM5AWMwOLFcRMWRdMrYgG-GNKp9290H8j7JDxQxKgZU2fYBZR9HwxI8ZGwshPoGT891W-lDRnuuly8fezHEKbTWe1I8CNg03OJ9diCH8_EVXKeppxc0eFYas7PLcRJsiawluOf7sSNFX6jRBgPk94KjB62E_aXoLr0C4_r_o70WKMkkBLRNZfLyiic0SO37ahU9gON4K1y2W3j6vFq6yKMfLPaArI2PMlBonbiubSnq1W5LkvSG9OFn0RkdY37HS7cW2phpqwVyPqhkWU

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 08:48:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
41ms Script
text/javascript 142.251.35.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 08:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 08:48:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A279 13 KB
5 KB 26ms
26ms Document
text/html 142.251.35.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://es.padventures.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 306290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 19:43:44 GMT
expires: Fri, 14 Mar 2025 19:43:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 42F0 829 B
1 KB 106ms
47ms Document
text/html 142.250.80.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.4 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f4.1e100.net

Software

GSE /

Resource Hash

9f1e50953a918ec1066a2c0e81bd76628bfac310c419004a1875e6ea1fdcc496

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XadgkXjbbdulqq9B0_hOsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://es.padventures.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XadgkXjbbdulqq9B0_hOsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 08:48:34 GMT
expires: Mon, 18 Mar 2024 08:48:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response
pagead2.googlesyndication.com/bg/ Frame A279 40 KB
15 KB 27ms
26ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

sffe /

Resource Hash

27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15583
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Mar 2025 19:36:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A279 0
10 B 26ms
26ms Image
text/plain 142.251.35.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aNxeTw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.35.161 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s78-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 08:48:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 42F0 0
0 85ms
85ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240313&jk=220981229409062&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
89ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=220981229409062&bg=!SUqlSgXNAAY_ejuoH3o7ADQBe5WfONtvy7OJoMVuRWAcWuXMBvUX6VN7nvFpCvr698bBHOfvd7RFrzdqUDdXAFZLRNsgAgAAAENSAAAAA2gBBwoAxOLylPSlyXXdiFO-3UzB5pghqLFxZ5DwdIYsKygM0KiQpVMjqtnELOq1aF5tYsMCS7_saPHIlB4J1GjQY_eEsWjM2MVoYhGxal9gkejvLfOQsRVE6Ab2p82JrVqUC9Bt458TcsP4mk9iXOXFE4rOVESs7JRXwqgRL3pePh2m7fe6mKUdSRaHPrsHOt_s3A2NgJw-FXdw2gUZCjUnlAvlgguiuJOnuuGuAzSp3nmTzl7cMw3JAx5TWQfpz1-Px_7bRBXhVLiZAsoMUopuW85UE7rDxGzCh1oz7PbrRpgmy6bi6XJw48xQSK3_zMWu5LcqKCmNsq0B39qO2EcY1Vi8ofOFlOKRrltMXrsbPAa8_DgevBvD5u2DhD13bideakveVanI4ZyODMFlNhOVHtnhfTMYsVeiMGPzbtGYGfNrwN-23Pk9FVYWbuURZ2Jh6RbEum5IDaktxJ0aVAZ0JzXjQCY_cRe-jHjW4aur8vmb0sIF2E3cwyrKQjvNOuP7e2XS5GEFWv0dpCvIM_9B6QKCoGCRJ9QHbXF6ceC5UJtAxpQowg3Db7WwLfh-GlxQW8HLo3DgOF7JwhN-ZZNOHCKh8tTtgVov1GGsxRstHElp_ruOaB7hlE3xWJ03WntipR-D7nCyMcPBVOg5_IcIEca1PIgOFwT8y7PCMLJqdoYYkFmLgELQeNZ62I3yPl2MncDa-G8RuCYWFJBitu4Q_jd3VVlq3gu74LPyOWZnv132Qjf__HcwYbIWtsBUivEEDTpEIp46KqSFJwSNgozygCLRlRL4DPW-FfO9M_gd6I_faz5N3cbZ6vlCKF3BX8rZKW56_vL8adwe3zBccM09BIatIUBy6kTaMgjbrCw2atWKOiI_TTRKR26CKhOi1dN5rN1eP-50rtDhfcYTI--IfqCANySA7ftawxVTjNsKXoxF8zwrpXkgrimbjY_mOpaMMF62QlxawddBhU0WgNYfD8mU7Lth0CIjk8Cb4wR6is6eNKdDy7Ps9UM11PvVRxzP_UJ8MP3h5PewsGS7ilsjQsQKqH_IndceNBhL7_bQmTTp8pWJdWkEGkyiOVluU1U1QPp5kAw3bfo7O0VCNhhFmWvJlL5V-q1DNN8Y46jcxTxpPSxq4LXG7gSlNmZ-6bjCw8W_BZPAvY2T1jR_9yJk9bzadaR9EXo2BjmN9k5excMwruUeox5L6tqWuxKRhqxmfi2kg-Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://es.padventures.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9386 42 B
64 B 92ms
90ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKRvtjdIGeinGu8tRKxme-Jxth43Mez-hgagZSO03hAAJCKFIyF0RPBVerca6GkN5jcgBTPyzPCFDgV0XHxTGhavlfMb15ulYJDSmulIntvSOAhHYS5U8UP4FpWYFtfPHt9UUNkY0uPgc2yb3rToY8Ra6MHWDbUVs&sai=AMfl-YQm0niwrGGNL_WTyX4sqsn2hI3RaiGXvtbtbYgL-GiejY_jmyBnq76x_cHt_vaHTyDwDGL-eiEWueg_e4GqyB0v3SEpnqPlQpKNJ-VO1K9jpdrqrt1MD1QJfSlMl9H7Z2H3edpVeNx9cjhcQtRkUw&sig=Cg0ArKJSzC6ogvOi1LCvEAE&cid=CAQSTwB7FLtqHNkQ2gLY4L1EbBfPCJQKZkGbJVoTEr8_9bhnb168fOcelWDXpc7DZEdyRivV3YWzBv510UiBlXixBDvKj_TtgskmoNX9V27IzwQYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2352085356&rs=2&la=0&cr=0&vs=4&r=v&co=668451400&rst=1710751713545&rpt=874&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 08:48:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

302 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 04:48:31	Name: IDE Value: AHWqTUkX-HkPc6gHwIOJNJnQ--agajhBf-jPPSNbJLoP6Ym9AaZOeCqo4_nPz3_Z7yo
.doubleclick.net/	1970-01-20 23:31:43	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:58:07	Name: CMID Value: Zff-4kt3uXkAAA1LALH-jQAA
.casalemedia.com/	1970-01-20 21:22:07	Name: CMPS Value: 178
.casalemedia.com/	1970-01-20 21:22:07	Name: CMPRO Value: 178
.padventures.info/	1970-01-21 04:34:07	Name: __gads Value: ID=a89ee1c45e180aae:T=1710751713:RT=1710751713:S=ALNI_MbxDDiqb2h6QIbLj9HfxfSbSEPmXw
.padventures.info/	1970-01-21 04:34:07	Name: __gpi Value: UID=00000dd36d3e2fed:T=1710751713:RT=1710751713:S=ALNI_MYcfSGgQyokgSt8Kyx-a2kQ97rGSw
.padventures.info/	1970-01-20 23:31:43	Name: __eoi Value: ID=b641136366c8d5ae:T=1710751713:RT=1710751713:S=AA-Afjag6qijIk-4-SiYt1F4vaTP
.adnxs.com/	1970-01-20 21:22:07	Name: XANDR_PANID Value: DPAMNDOCSTe9LVAexgLSpZrJzQS-d8trECQJDWG2xtzk3IcnKrKIcw2rfNNqEqhaY5RxqDOaz3hSD4HU459RUYFicbqnMkTNX11EMmOrpIo.
.adnxs.com/	1970-01-21 04:48:31	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:22:07	Name: uuid2 Value: 3733069931277096396
.adnxs.com/	1970-01-20 21:22:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?ax<Qr]!]tbPl1M>e)ZlrFUfJ+tGXxoX^]deCCwm=AX=ICg[I9f?PQmnNc?0RHu]heG3If)y3KL9D3I?+z1QrrD

38 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://es.padventures.info/skins/skins/header.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://es.padventures.info/P%C3%A1gina_principal Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cm.g.doubleclick.net
ctxtfl.com
dsum-sec.casalemedia.com
es.padventures.info
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
services.ctxtfl.com
tpc.googlesyndication.com
www.google.com
104.18.36.155
142.250.65.162
142.250.72.98
142.250.80.4
142.250.80.70
142.251.32.102
142.251.35.161
142.251.40.162
172.67.151.240
51.222.153.228
68.67.179.155
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
09b5b7b06093a2765a78a6e37e16df6f293b4237d6f51962f7ff9e99eeb044b6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
227ab45952e97647cd9b57b66d8a380e8e2e4db50bdf8f6bd9cdaaaeaae74431
24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3d8fd28f45a349b17781035d996df34062f48e11a639e0c502999d69398d642c
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5905c6ff4b5617abf09cb17641a6cbf4291607ea31a3a2db03b65edbfcebee9a
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
681ca95af4fb59ae89d31a01f01d3e04827467d36c32388bdab5bbf4881c58e2
699af2b7a7b1edfdbffb53d6d1b5494fb438ed7dcc5ee920b9d56bcc8fc8c14b
6cd9e3526d7e0e1e4a75786716d09174e1412fe35597703af7593541cfbd8ede
74d7aa0346dd719a960134bcb0356bbbc0c1b6e13f518f2c1062c39176bae1c3
78f455f078fdcf29c57e7ac1137899c68f21b9b1c594f2cecfeb16bab82fe90d
799e48e33b7e6d1742d0add66f86e1e9244d5075567a52b06f9d3e8ddf7be464
8f6a53a2a290646fa64b9f2abd28aed4354621899da4b04c113ac90141939237
92cfdc842c5a7d694e7caa258784b29203842c5d21df1af2a332fd4a62cc8440
9b0b28ce05561b6e334bd5de4b2227ec0256cd020d48c5c404e8fa9d39b3e7d3
9f1e50953a918ec1066a2c0e81bd76628bfac310c419004a1875e6ea1fdcc496
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5c93392a3c0f220ef2b82c5583b507543b573b9312d90dcbed4696408939029
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b798d478a6c0b0a46229a9ac13ec40d0ce9a57d63b87aa6acc473826c387ad9b
bccb798297c4ed1d0570183f0bb61adb37d2b1e02a9730dceaa3de8435c405ef
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
d047d5437d50995f760b9738dc77a0e457b6713e1dc0355a0b5f18fbb5cb3c83
d177668a97e4a87e5587d322ea124e37a48922075f54ee8918c6d11a1f0effa4
d3335e798a08338c1d70a49f16cca90e41a5fe0ba121b0deff37a79e634a0aa7
dbae5abdf55bb5fd1b5065f7e4a2e1e2f32f54f37f441bc3a7aa3a24503f3b64
de2ad9d56e3878adff4467713afb0dca41e14363d3f4459f228169d9fa5d68d0
e121e13b8ad0887bd814205eb81113fd23cf6841d391d6a0c8deff3e4eac2af4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea40f4f405204f6403c97a6ad2b2f06ba2bfe2fe42e85ac28a9d59ded147721f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
ef9ed4adcba4950bf4be0556283131eedd7c629de1821c8c3967c7f70d971596
f48d5807b4a98e3412650fcde60cdfe64cc058c99b07a68650c13987692f0b5d
fa86b811027fd5dc20c28c65551d994c8afa3b9430fd246c2f98a069736f272a

es.padventures.info Open in urlscan Pro 51.222.153.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

65 %HTTPS

0 %IPv6

8 Domains

12 Subdomains

12 IPs

3 Countries

2146 kBTransfer

2883 kBSize

12 Cookies

8 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

es.padventures.info Open in urlscan Pro
51.222.153.228 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

65 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

2146 kB
Transfer

2883 kB
Size

12
Cookies

46 HTTP transactions
10 data transactions