urlscan.io logo urlscan.io
SecurityTrails logo

xarelto-us-es-1030655.live Open in urlscan Pro
104.17.157.1  Public Scan

Go To Rescan Add Verdict Report
URL: https://xarelto-us-es-1030655.live/
Submission: On January 16 via api from US — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 5 countries across 11 domains to perform 49 HTTP transactions. The main IP is 104.17.157.1, located in and belongs to CLOUDFLARENET, US. The main domain is xarelto-us-es-1030655.live.
TLS certificate: Issued by WE1 on November 21st 2024. Valid for: 3 months.
This is the only time xarelto-us-es-1030655.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    104.17.157.1 (None, )

ASN13335 (CLOUDFLARENET, US)
xarelto-us-es-1030655.live
1    2600:9000:206f:c000:e:52c5:2040:93a1 (United States)

ASN16509 (AMAZON-02, US)
ob.system1onesource.com
6    18.66.147.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-19.fra60.r.cloudfront.net
s.flocdn.com
6    2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.system1onesource.com
4    2620:1ec:33:3::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
6    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
www.googleadservices.com
6    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
googleads.g.doubleclick.net
8    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.es
1    18.66.147.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-102.fra60.r.cloudfront.net
s.flocdn.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
syndicatedsearch.goog
6    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    3.251.36.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-36-204.eu-west-1.compute.amazonaws.com
soflopxl.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.google.es
Apex Domain
Subdomains		 Transfer
10 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 3878
52 KB
7 google.es
www.google.es — Cisco Umbrella Rank: 25603
970 B
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 131
699 B
7 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 88
partner.googleadservices.com — Cisco Umbrella Rank: 5623
8 KB
7 flocdn.com
s.flocdn.com — Cisco Umbrella Rank: 46625
278 KB
7 system1onesource.com
ob.system1onesource.com — Cisco Umbrella Rank: 40515
obs.system1onesource.com — Cisco Umbrella Rank: 37184
40 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
490 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 358
16 KB
3 syndicatedsearch.goog
syndicatedsearch.goog — Cisco Umbrella Rank: 3316
720 B
2 soflopxl.com
soflopxl.com — Cisco Umbrella Rank: 29826
399 B
2 xarelto-us-es-1030655.live
xarelto-us-es-1030655.live
4 KB
49 11
Domain Requested by
8 www.google.com 6 redirects s.flocdn.com
www.googletagmanager.com
7 www.google.es xarelto-us-es-1030655.live
7 s.flocdn.com xarelto-us-es-1030655.live
s.flocdn.com
6 www.googletagmanager.com s.flocdn.com
www.googletagmanager.com
6 googleads.g.doubleclick.net 6 redirects
6 www.googleadservices.com 3 redirects www.googletagmanager.com
6 obs.system1onesource.com ob.system1onesource.com
xarelto-us-es-1030655.live
4 bat.bing.com ob.system1onesource.com
bat.bing.com
xarelto-us-es-1030655.live
3 syndicatedsearch.goog www.google.com
2 region1.analytics.google.com www.googletagmanager.com
2 soflopxl.com s.flocdn.com
2 xarelto-us-es-1030655.live
1 stats.g.doubleclick.net www.googletagmanager.com
1 partner.googleadservices.com www.google.com
1 ob.system1onesource.com xarelto-us-es-1030655.live
49 15

This site contains no links.

Subject Issuer Validity Valid
xarelto-us-es-1030655.live
WE1		 2024-11-21 -
2025-02-19		 3 months crt.sh
*.system1onesource.com
Amazon RSA 2048 M03		 2024-12-11 -
2026-01-10		 a year crt.sh
*.flocdn.com
Amazon RSA 2048 M02		 2024-11-05 -
2025-12-04		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-12-15 -
2025-06-13		 6 months crt.sh
*.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.googleadservices.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
syndicatedsearch.goog
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
pxtres.com
Amazon RSA 2048 M02		 2024-08-28 -
2025-09-26		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.google.es
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://xarelto-us-es-1030655.live/
Frame ID: 1B1F7FBE4188A74CF92D403042CB50DB
Requests: 44 HTTP requests in this frame

Frame: https://s.flocdn.com/%40s1/dpl/4.18.10/iframe.html
Frame ID: 797B0A6C8ED62C6C2007A0168F24FFE6
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup27_3ph_js&r=m&hl=es&ivt=0&rpbu=https%3A%2F%2Fxarelto-us-es-1030655.live%2Fserp%3Fsc%3DiiiAgHlmKeu420%26ivt%3Dfalse&rpqp=query&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717107&format=r5&nocache=3821737025339689&num=0&output=afd_ads&domain_name=xarelto-us-es-1030655.live&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1737025339689&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=ads&drt=0&jsid=caf&nfp=1&jsv=712519386&rurl=https%3A%2F%2Fxarelto-us-es-1030655.live%2F
Frame ID: C269356650B8586FFD8863AD25F26F36
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/51f0/sw_iframe.html?origin=https%3A%2F%2Fxarelto-us-es-1030655.live
Frame ID: AFC23E1953D8AEEA3E6C628866F4F640
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

xarelto-us-es-1030655.live

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

49
Requests

84 %
HTTPS

47 %
IPv6

11
Domains

15
Subdomains

17
IPs

5
Countries

891 kB
Transfer

2250 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://www.googleadservices.com/pagead/conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=365071612&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCJHJsQII08WxAgjszLEC&pscrd=IhMI3-640ov6igMVrIuDBx2rJClFMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=365071612&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCJHJsQII08WxAgjszLEC&pscrd=IhMI3-640ov6igMVrIuDBx2rJClFMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dDTfgusjYaB8kFErvG4kNK1brods-hg&random=4147628166 HTTP 302
  • https://www.google.es/pagead/1p-conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=365071612&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCJHJsQII08WxAgjszLEC&pscrd=IhMI3-640ov6igMVrIuDBx2rJClFMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dDTfgusjYaB8kFErvG4kNK1brods-hg&random=4147628166&ipr=y
Request Chain 7
  • https://www.googleadservices.com/pagead/conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=899506211&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCJDJsQII08WxAgjszLEC&pscrd=IhMI3eq40ov6igMVKYODBx3cWjviMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=899506211&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCJDJsQII08WxAgjszLEC&pscrd=IhMI3eq40ov6igMVKYODBx3cWjviMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dpMxWsUPAuj0e6TKwW-uvr-j6KPoHRw&random=574720604 HTTP 302
  • https://www.google.es/pagead/1p-conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=899506211&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCJDJsQII08WxAgjszLEC&pscrd=IhMI3eq40ov6igMVKYODBx3cWjviMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dpMxWsUPAuj0e6TKwW-uvr-j6KPoHRw&random=574720604&ipr=y
Request Chain 8
  • https://www.googleadservices.com/pagead/conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=998585266&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQIIz86xAg&pscrd=IhMIiee40ov6igMVQ6uDBx0lDQRvMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=998585266&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQIIz86xAg&pscrd=IhMIiee40ov6igMVQ6uDBx0lDQRvMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dY5AXMD5kaF-kLZr21kQnUifIVcuQzg&random=1658257751 HTTP 302
  • https://www.google.es/pagead/1p-conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=998585266&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQIIz86xAg&pscrd=IhMIiee40ov6igMVQ6uDBx0lDQRvMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dY5AXMD5kaF-kLZr21kQnUifIVcuQzg&random=1658257751&ipr=y
Request Chain 38
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=844219279&cv=11&fst=1737025340697&bg=ffffff&guid=ON&async=1&gtm=45be51d0za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIq56a04v6igMV7JWDBx27hD1ZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjdVTzl0dW5acmVyUGFMaFRMZnpGcGZvYVpObGJ4cjhHMVBZQ2xKWmJsdG5GLXJPNkpoRGF3 HTTP 302
  • https://www.google.com/pagead/1p-conversion/932435890/?random=844219279&cv=11&fst=1737025340697&bg=ffffff&guid=ON&async=1&gtm=45be51d0za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIq56a04v6igMV7JWDBx27hD1ZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjdVTzl0dW5acmVyUGFMaFRMZnpGcGZvYVpObGJ4cjhHMVBZQ2xKWmJsdG5GLXJPNkpoRGF3&is_vtc=1&cid=CAQSKQCa7L7dJ9AhWrCeaAfWXaaGr2_0ERzZTruA_6AFV0BCoHBVsObaCifC&random=915455774 HTTP 302
  • https://www.google.es/pagead/1p-conversion/932435890/?random=844219279&cv=11&fst=1737025340697&bg=ffffff&guid=ON&async=1&gtm=45be51d0za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIq56a04v6igMV7JWDBx27hD1ZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjdVTzl0dW5acmVyUGFMaFRMZnpGcGZvYVpObGJ4cjhHMVBZQ2xKWmJsdG5GLXJPNkpoRGF3&is_vtc=1&cid=CAQSKQCa7L7dJ9AhWrCeaAfWXaaGr2_0ERzZTruA_6AFV0BCoHBVsObaCifC&random=915455774&ipr=y
Request Chain 39
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=713380615&cv=11&fst=1737025340732&bg=ffffff&guid=ON&async=1&gtm=45be51d0v868528064za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIo7Gc04v6igMVDpCDBx14mhPGMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjUzUE5YYVZwX1RHZXpvTXd1bHNabzNmemllSldyZDJyYWJocU1oZ1BWNWFHWVlJNlJwUHNN HTTP 302
  • https://www.google.com/pagead/1p-conversion/982246529/?random=713380615&cv=11&fst=1737025340732&bg=ffffff&guid=ON&async=1&gtm=45be51d0v868528064za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIo7Gc04v6igMVDpCDBx14mhPGMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjUzUE5YYVZwX1RHZXpvTXd1bHNabzNmemllSldyZDJyYWJocU1oZ1BWNWFHWVlJNlJwUHNN&is_vtc=1&cid=CAQSKQCa7L7dtUJ_jnXImhauTjRkAbROclmyNGgjpFQBH3pKnnDthVSFFCV9&random=2687817380 HTTP 302
  • https://www.google.es/pagead/1p-conversion/982246529/?random=713380615&cv=11&fst=1737025340732&bg=ffffff&guid=ON&async=1&gtm=45be51d0v868528064za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIo7Gc04v6igMVDpCDBx14mhPGMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjUzUE5YYVZwX1RHZXpvTXd1bHNabzNmemllSldyZDJyYWJocU1oZ1BWNWFHWVlJNlJwUHNN&is_vtc=1&cid=CAQSKQCa7L7dtUJ_jnXImhauTjRkAbROclmyNGgjpFQBH3pKnnDthVSFFCV9&random=2687817380&ipr=y
Request Chain 40
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=1623263060&cv=11&fst=1737025340753&bg=ffffff&guid=ON&async=1&gtm=45be51d0v9100102812za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIpuWd04v6igMV44-DBx0m-ThfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjZ0bmVqeUdyeXpPMk5Fc2VrcGhNVjR4UHFLNGEydnlhNGxaOEM5M09NcHVwV1VYaHZ6WHVJ HTTP 302
  • https://www.google.com/pagead/1p-conversion/1058340534/?random=1623263060&cv=11&fst=1737025340753&bg=ffffff&guid=ON&async=1&gtm=45be51d0v9100102812za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIpuWd04v6igMV44-DBx0m-ThfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjZ0bmVqeUdyeXpPMk5Fc2VrcGhNVjR4UHFLNGEydnlhNGxaOEM5M09NcHVwV1VYaHZ6WHVJ&is_vtc=1&cid=CAQSKQCa7L7d-mNkVj5jv6xc-tpRe3ois3IvTOrlYoX9jZge13QjVW6REzmc&random=2406110980 HTTP 302
  • https://www.google.es/pagead/1p-conversion/1058340534/?random=1623263060&cv=11&fst=1737025340753&bg=ffffff&guid=ON&async=1&gtm=45be51d0v9100102812za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIpuWd04v6igMV44-DBx0m-ThfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjZ0bmVqeUdyeXpPMk5Fc2VrcGhNVjR4UHFLNGEydnlhNGxaOEM5M09NcHVwV1VYaHZ6WHVJ&is_vtc=1&cid=CAQSKQCa7L7d-mNkVj5jv6xc-tpRe3ois3IvTOrlYoX9jZge13QjVW6REzmc&random=2406110980&ipr=y

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xarelto-us-es-1030655.live/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xarelto-us-es-1030655.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c67c4fa052eb50d3a0ba0550f9d91bd0375015f94b6d545e943d1f54754153d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
902d9cc91d762fb3-MAD
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Jan 2025 11:02:18 GMT
server
cloudflare
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALo4A9ch0h+1WaF7eiREQsF8ZSdjSPKx9KkKjCqabhCJSzV17noE3IU0F05CJ672CxyFRxdONAgr69GDBpn7MRECAwEAAQ==_swyAsyx3y2vTpRwhwu2jbP+Qxx0muWP9jBIP7gWLO+RpkTHN2oXro8uFyxfVd69ypocJnWVU1KM4+/wReL4yGw==
35289458b2de2bf5220f730bdbc66486.js
ob.system1onesource.com/i/ 		104 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c000:e:52c5:2040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
b24f701006a0a5fdade11216c5400504cd074ccbce86884fa9cd2aa7ad75cee5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
"1a067-3up+T/PpldsC6qXWM2v6oucOdoA"
age
12516
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
expires
Thu, 16 Jan 2025 19:33:42 GMT
x-cache
Hit from cloudfront
content-length
38897
x-amz-cf-id
dSsEYCG4SC6JUk6DLne3jDlOpSNSZ5PzPRw6o-bZfpdcK1kWI-rI4g==
date
Thu, 16 Jan 2025 07:33:42 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Caddy
x-amz-cf-pop
FRA56-C1
deps.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/994e6d1b4/ 		136 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/994e6d1b4/deps.js
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-19.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2350d26ef77e2164f5869f85c6923d954ac90af8033b61af9948bb11f6f1091

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xarelto-us-es-1030655.live
Referer
https://xarelto-us-es-1030655.live/

Response headers

access-control-max-age
60000
content-encoding
gzip
etag
W/"196fe3855f3af681fe1bee6d97b71b6b"
x-amz-version-id
FGYc0Hqp78rSPRCryYqkUE0yxo47_YjX
access-control-allow-methods
GET, HEAD
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
BHkU9zr9KuJ-BOMtGmo8o6D38tQfE0UH4WdGx6yluu8cNsAk3dY4mQ==
date
Thu, 16 Jan 2025 11:02:19 GMT
content-type
application/javascript
last-modified
Thu, 09 Jan 2025 18:11:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
runtime.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/994e6d1b4/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/994e6d1b4/runtime.js
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-19.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ed80c2416cb9f1734b9d9371c12761f9a0102d00ca0b96af77e1cb319cad6fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xarelto-us-es-1030655.live
Referer
https://xarelto-us-es-1030655.live/

Response headers

access-control-max-age
60000
content-encoding
gzip
etag
W/"1caacde96913cc78bae82a886cb7d36a"
x-amz-version-id
DzXX1.Uxsc4WLAtxEQP42CwMUtL4JONO
access-control-allow-methods
GET, HEAD
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
GnmCapryN_LNs2kpLeiv29u2vvmaXaJ7BIr1R5MixGE30dtLvs_ojA==
date
Thu, 16 Jan 2025 11:02:19 GMT
content-type
application/javascript
last-modified
Thu, 09 Jan 2025 18:11:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
ct
obs.system1onesource.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/ct?id=28382&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&sf=0&tpi=&ch=cheq4ppc&uvid=gytwn8i12gyvi77pzsfvr8ti&tsf=0&tsfmi=&tsfu=&cb=1737025338507&hl=2&op=0&ag=4270235709&rand=73915628981195109052876290070987037295405200791416081280618773006222216211221122086261&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDI4NjFdLFsiYWJuY2giLDIwXSxbLTMzLCItIl0sWy00OCwiMCwwIl0sWy02MSwie1wid2dzbFwiOlwiNDtwYWNrZWRfNHg4X2ludGVnZXJfZG90X3Byb2R1Y3Q7dW5yZXN0cmljdGVkX3BvaW50ZXJfcGFyYW1ldGVycztwb2ludGVyX2NvbXBvc2l0ZV9hY2Nlc3M7cmVhZG9ubHlfYW5kX3JlYWR3cml0ZV9zdG9yYWdlX3RleHR1cmVzO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy02NywiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstMTcsIjIyIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMTAiXSxbLTUxLCItIl0sWy01NSwiMCJdLFstNzEsImEwMTEwMDEwMTAwMTAwMTAxMDAwMTAxMDAxMTExMTAxMDAwMDEwIl0sWy03LCItIl0sWy04LCItIl0sWy0xMCwiLSJdLFstMjQsIltdIl0sWy0zOCwibCwtMSwtMSwxLDAsMCwwLDI1NywxNDUsMzM4LC0xLDAsLCwxMTA3LDExMDciXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy0xLCItIl0sWy0xMywiLSJdLFstMTUsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy01MiwiLSJdLFstNTgsIi0iXSxbLTY1LCItIl0sWy0zNCwiLSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDQsIjAsMCwwLDUiXSxbLTQ5LCItIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltcIl8wXCIsXCIzNDY3MTU2MDAzXCJdLFwiYlwiOltdLFwic1wiOjF9Il0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstNjYsImdlb2xvY2F0aW9uLGNodWFmdWxsdmVyc2lvbmxpc3QsY3Jvc3NvcmlnaW5pc29sYXRlZCxzY3JlZW53YWtlbG9jayxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxzaGFyZWRzdG9yYWdlc2VsZWN0dXJsLGNodWFhcmNoLGNvbXB1dGVwcmVzc3VyZSxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHVzYixjaHNhdmVkYXRhLHB1YmxpY2tleWNyZWRlbnRpYWxzY3JlYXRlLHNoYXJlZHN0b3JhZ2UscnVuYWRhdWN0aW9uLGNodWFmb3JtZmFjdG9ycyxjaGRvd25saW5rLG90cGNyZWRlbnRpYWxzLHBheW1lbnQsY2h1YSxjaHVhbW9kZWwsY2hlY3QsYXV0b3BsYXksY2FtZXJhLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsYWNjZWxlcm9tZXRlcixjaHVhcGxhdGZvcm12ZXJzaW9uLGlkbGVkZXRlY3Rpb24scHJpdmF0ZWFnZ3JlZ2F0aW9uLGludGVyZXN0Y29ob3J0LGNodmlld3BvcnRoZWlnaHQsbG9jYWxmb250cyxjaHVhcGxhdGZvcm0sbWlkaSxjaHVhZnVsbHZlcnNpb24seHJzcGF0aWFsdHJhY2tpbmcsY2xpcGJvYXJkcmVhZCxnYW1lcGFkLGRpc3BsYXljYXB0dXJlLGtleWJvYXJkbWFwLGpvaW5hZGludGVyZXN0Z3JvdXAsY2h3aWR0aCxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLGJyb3dzaW5ndG9waWNzLGVuY3J5cHRlZG1lZGlhLGd5cm9zY29wZSxzZXJpYWwsY2hydHQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LHVubG9hZCxjaGRwcixjaHByZWZlcnNjb2xvcnNjaGVtZSxjaHVhd293NjQsYXR0cmlidXRpb25yZXBvcnRpbmcsZnVsbHNjcmVlbixpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixoaWQsY2h1YWJpdG5lc3Msc3RvcmFnZWFjY2VzcyxzeW5jeGhyLGNoZGV2aWNlbWVtb3J5LGNodmlld3BvcnR3aWR0aCxwaWN0dXJlaW5waWN0dXJlLG1hZ25ldG9tZXRlcixjbGlwYm9hcmR3cml0ZSxtaWNyb3Bob25lIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy0yMSwiLSJdLFstMjcsIls1MCwxMCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTYyLCI4MCJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjYsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTE5LCJbNTUwLDU1MCw1NTAsNTUwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjg1LDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMCwwXSJdLFstMjYsIntcInRqaHNcIjo3OTgwOTg0LFwidWpoc1wiOjUzNDU3MDAsXCJqaHNsXCI6NDI5NDcwNTE1Mn0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTM1LCJbMTczNzAyNTMzODQ3NCwwXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstNTksImRlZmF1bHQiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTksIisiXSxbLTE2LCIwIl0sWy0yMywiKyJdLFstMjksIi0iXSxbLTIsIjUsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwSXNnSUlqU1ErOGlLZ3FJMG9zSUFpcEZFRVFSSWtVZ2RFUVFwVW9KU0F0Q0FxU0g5R3l5N1pXWitlci9kK2U5MmJ3c0NTRC8xZSJdLFstMTIsIm51bGwiXSxbLTE0LCItIl0sWy0yMCwiLSJdLFstMjUsIi0iXSxbLTQwLCIzMyJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTYwLDIwN10sWy02OCwiLSJdLFstNzAsIi0iXSxbImJuY2giLDY5XSxbLTQsIi0iXSxbLTQ2LCIwIl0sWy00NywiQXRsYW50aWMvQ2FuYXJ5LGVzLUVTLGxhdG4sZ3JlZ29yeSJdLFstNTAsIi0iXSxbLTUzLCIxMDAiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUW9KQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZFBYQmtSVVUxTlNVb0RGaFpXV3hkS1FFcE5YRlFJVmxkY1NsWk1TMXBjRjFwV1ZCWlFGZ29NQ3dFQURRd0JXd3RkWEF0Ylh3d0xDd2xmRGdvSlcxMWJXZzhQRFFFUEYxTktBd2dERHc0QUR3b1FGVmhOR1VzWkVWRk5UVWxLQXhZV1Zsc1hTa0JLVFZ4VUNGWlhYRXBXVEV0YVhCZGFWbFFXVUJZS0RBc0JBQTBNQVZzTFhWd0xXMThNQ3dzSlh3NEtDVnRkVzFvUER3MEJEeGRUU2c9PSJdLFstNjMsIjAiXSxbLTY5LCJMaW51eCB4ODZfNjR8R29vZ2xlIEluYy58OHwyMnx8MCJdLFsiZGRiIiwiMCw1LDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDEsMCwxLDcsMCw3LDAsMCwwLDAsMCwwLDEsMCwwLDEsMiwwLDYsMSwwLDAsMCwwLDAsMCwxLDAsMCwxIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDMsMCwwLDYsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCw0LDAsMCwwLDAsMCwwLDAsMSwwLDAsMCJdXQ%3D%3D&dep=0&pre=0&sdd=&cri=FCjgag6onl&pto=1161&ver=63&gac=-&mei=&ap=&fe=1&duid=1.1737025338.M4mpqBU51CmfE1x2&suid=1.1737025338.nAMqS2MyIbz3qtnv&tuid=1.1737025338.XAXLRmfR34Qt09fL&fbc=-&gtm=-&it=4%2C752%2C326&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d18ad0a9c651ba3eb481c46b73e56defe75b0d9ee446dfb7672d2fd4b23ce306

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
https://xarelto-us-es-1030655.live
content-encoding
gzip
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
1464
date
Thu, 16 Jan 2025 11:02:18 GMT
content-type
text/javascript
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BE9A57E3372C4945A82A2D57EFEFD42D Ref B: LON212050705031 Ref C: 2025-01-16T11:02:19Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Thu, 16 Jan 2025 11:02:18 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
e80392e8-7bd4-40e6-bbf8-60ebe46d5917
https://xarelto-us-es-1030655.live/ Frame 		0
0
/
www.google.es/pagead/1p-conversion/932435890/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=365071612&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWx...
  • https://www.google.com/pagead/1p-conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=365071612&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxA...
  • https://www.google.es/pagead/1p-conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=365071612&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAg...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.es/pagead/1p-conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=365071612&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCJHJsQII08WxAgjszLEC&pscrd=IhMI3-640ov6igMVrIuDBx2rJClFMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dDTfgusjYaB8kFErvG4kNK1brods-hg&random=4147628166&ipr=y
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.es/pagead/1p-conversion/932435890/?label=HtPMCKDQp5QZELKvz7wD&guid=ON&script=0&ct_cookie_present=false&random=365071612&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCJHJsQII08WxAgjszLEC&pscrd=IhMI3-640ov6igMVrIuDBx2rJClFMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dDTfgusjYaB8kFErvG4kNK1brods-hg&random=4147628166&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.es/pagead/1p-conversion/982246529/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=899506211&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWx...
  • https://www.google.com/pagead/1p-conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=899506211&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxA...
  • https://www.google.es/pagead/1p-conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=899506211&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAg...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.es/pagead/1p-conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=899506211&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCJDJsQII08WxAgjszLEC&pscrd=IhMI3eq40ov6igMVKYODBx3cWjviMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dpMxWsUPAuj0e6TKwW-uvr-j6KPoHRw&random=574720604&ipr=y
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.es/pagead/1p-conversion/982246529/?label=sT-ICP-w_JQZEIHJr9QD&guid=ON&script=0&ct_cookie_present=false&random=899506211&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCJDJsQII08WxAgjszLEC&pscrd=IhMI3eq40ov6igMVKYODBx3cWjviMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dpMxWsUPAuj0e6TKwW-uvr-j6KPoHRw&random=574720604&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.es/pagead/1p-conversion/1058340534/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=998585266&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsm...
  • https://www.google.com/pagead/1p-conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=998585266&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmx...
  • https://www.google.es/pagead/1p-conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=998585266&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxA...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.es/pagead/1p-conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=998585266&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQIIz86xAg&pscrd=IhMIiee40ov6igMVQ6uDBx0lDQRvMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dY5AXMD5kaF-kLZr21kQnUifIVcuQzg&random=1658257751&ipr=y
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.es/pagead/1p-conversion/1058340534/?label=w8daCMaRmpQZELb90_gD&guid=ON&script=0&ct_cookie_present=false&random=998585266&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQIIz86xAg&pscrd=IhMIiee40ov6igMVQ6uDBx0lDQRvMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlLw&is_vtc=1&cid=CAQSGwCa7L7dY5AXMD5kaF-kLZr21kQnUifIVcuQzg&random=1658257751&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
tc_imp.gif
obs.system1onesource.com/tracker/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.system1onesource.com/tracker/tc_imp.gif?e=37dfbd8ee84e001269e9c737ef4489959225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c198e652517071a10acf9f29f674ad0848800786a4ea8797305863dd7619107650d229303540d66525ac6e8384e77be26bb25cb43e2913bf05365ac5c7e721bda53ee45f497d7d73abb2807ff7ecaa8556d8e0e3143714493d60266a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf62f8ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e82dbb338963b5883f19d2a1f45f76566fe944262bf89fe73dd04fc17ba8419c119d9d36d9a6d279c9a26d96c8cc0adb1d3fde90b72b26bf6f8f0364e7ced9136ccf01dae00051c821e4784d0d29a95abd27cc621c499f8c836ae7a7c74dc2b65d484964d36dde433f350b6c803d676ef25026c658c78ff0d9c9ffd31f8903b8744b4c19ccb608a5e547dfa4e540b3e093087ad69f41d94cd8d23b6c877ef916c94c2e5fd6984b5e4496d7384a90604d7f7471a07f7cdec3ff164de9308fdea3caf6ebc23c301a7488efd62836373f6a4807b2d2372417619567ca9e28570d100b1594f4329f8b453de98180cfda4debabc6cc6f1e5fc86f8a8ed4a4f3cf94f9ab7596e8042791ad7635e7670f767b27511c1f7dc608d69cb388aa82ed1a50b997a623d3256394ac8d2eec93d65549d1b4295d1dcb8b3c24d789aedfd3ce4aa767aab8f444968b193cb4a33f462dc0b8d10f13e8513dccb14f8b837e19880ccc6361fae83391ecb0ff4c7b3ea52c22a260a17d02d1a04a3a94d8ef215cd9a9cc856c884843b105f36d641c958fc37b18508d2324a773d28616da31ad893393ed473d2e5b16ccbc54c906627fe552d50c0bb804e03b12f97db4783586f1240bd273ed6fa957ac1543d939901e1828ced8a43c64f157f40b0652f519f99104efa61a5eccb2d93c1b34d0e2db060211416905403b3dbfc1212936b6dc1c8c4128bc6b0cf4530e366ee156057d05c723cc7da0d418bdfffc4bbf16aa148fa31867e98d155d6e7ae7a6bacd30d&cri=FCjgag6onl&ts=492&cb=1737025338999
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
date
Thu, 16 Jan 2025 11:02:19 GMT
pragma
no-cache
content-type
image/gif
00ce9ede-7ec0-4434-8536-c4a3a7b2bdae
https://xarelto-us-es-1030655.live/ Frame 		0
0
UiSyndication.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/994e6d1b4/lib/ 		148 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/994e6d1b4/lib/UiSyndication.js
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-19.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23fbe2ab93951b6aadaec00ce44dab33995fba1e1d5c2e18e494b1d82ce6748e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

x-amz-cf-pop
FRA60-P4
content-encoding
gzip
x-amz-version-id
HSGe5DAcvPwfcxi.5B1L8cZpoKkmzKpG
etag
W/"3d95258cf58f3d02e93511f361cbc012"
age
55490
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
0t8SPr8eFlS1aXWDX9jbqcBiApY6rz7DS7wTaLTVpMwPqDKjNxDeow==
date
Wed, 15 Jan 2025 19:37:30 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Thu, 09 Jan 2025 18:11:55 GMT
211047010.js
bat.bing.com/p/action/ 		363 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/211047010.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E78E7A20398C484DB67BE65D2C3A0962 Ref B: LON212050705031 Ref C: 2025-01-16T11:02:19Z
x-cache
CONFIG_NOCACHE
date
Thu, 16 Jan 2025 11:02:18 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
dpl-search.js
s.flocdn.com/@s1/dpl/4.18.10/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@s1/dpl/4.18.10/dpl-search.js
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/994e6d1b4/lib/UiSyndication.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-19.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4f26dcadef4155163bcd7188541ca0be0c9292542dc25b822c8359b7e7c20ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
x-amz-version-id
Y2AOG7LCtdnKp9RIeYVMSl0FymcEJGqj
etag
"ba5caa0898a94da3c102e748f5c3110d"
age
7836134
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
16356
x-amz-cf-id
_5uGQo1CBPoxpK3LS1vrzPY1AZxeebQ5lZ25-bw5b9NetJuaxQP4OQ==
date
Thu, 17 Oct 2024 18:20:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 16 Oct 2024 19:31:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
caf.js
www.google.com/adsense/domains/ 		144 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js?abp=1&s1abp=true
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/994e6d1b4/lib/UiSyndication.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
sffe /
Resource Hash
bcda6149a255f64a24f2ac7f45d1e4f9f3be4e21954aaa76dd93177d0a00af1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-encoding
gzip
etag
"1612700392245371156"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Thu, 16 Jan 2025 11:02:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 11:02:19 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
texture.png
s.flocdn.com/layout/gd05/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.flocdn.com/layout/gd05/texture.png
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-19.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

etag
"57bbfe7c227619d47a41639eba996150"
x-amz-version-id
9nrwm6vbihUL1RldyKfYApKff2o.FEKN
age
27078
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
84780
x-amz-cf-id
Cbgc8YhAgPOKNk-n2L9GfQHeUFp8yjLmsSr2qcrViMG86MFPV6_UXQ==
date
Thu, 16 Jan 2025 03:31:09 GMT
x-amz-meta-version-id
HC_iG.nfn0YuLDYFlnJj0jQC5XTNCe04
content-type
image/png
last-modified
Tue, 16 May 2017 22:02:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
vary
Accept-Encoding
arrows-rainbow_559.png
s.flocdn.com/layout/pship508/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.flocdn.com/layout/pship508/arrows-rainbow_559.png
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-19.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

x-amz-cf-pop
FRA60-P4
x-amz-version-id
q0xUrgBtkt1zPXsMOtCQmqJsqJAEmQZm
etag
"9ca21edfdf15faf735dad1f024227fbc"
age
34825
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
87916
x-amz-cf-id
0Uj0jsaocpxszqDq5cKK-iwClwG3Z4RyFuqEH8jb1vdEjKy-i1s3og==
date
Thu, 16 Jan 2025 01:21:57 GMT
content-type
image/png
vary
Accept-Encoding
server
AmazonS3
last-modified
Wed, 04 Jan 2023 19:08:13 GMT
0
bat.bing.com/action/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=211047010&Ver=2&mid=03419d22-11d2-4c4e-a948-27da3ed88f76&bo=1&sid=5ac00c60d3f911efb2386f3098f71c34&vid=5abff9f0d3f911efbadd4bfcea411318&vids=1&msclkid=N&pi=918639831&lg=es-ES&sw=1600&sh=1200&sc=24&tl=xarelto-us-es-1030655.live&p=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&r=&lt=1754&evt=pageLoad&sv=1&cdb=AQAQ&rn=836926
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 79C0246DF8D34D63B2C42E59A89EB112 Ref B: LON212050705031 Ref C: 2025-01-16T11:02:19Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 16 Jan 2025 11:02:18 GMT
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=211047010&Ver=2&mid=03419d22-11d2-4c4e-a948-27da3ed88f76&bo=2&sid=5ac00c60d3f911efb2386f3098f71c34&vid=5abff9f0d3f911efbadd4bfcea411318&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQAQ&rn=732265
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 352987484EEB4CE3A173A9D5B9677D0A Ref B: LON212050705031 Ref C: 2025-01-16T11:02:19Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 16 Jan 2025 11:02:18 GMT
iframe.html
s.flocdn.com/%40s1/dpl/4.18.10/ Frame 797B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/%40s1/dpl/4.18.10/iframe.html
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.18.10/dpl-search.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-102.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://xarelto-us-es-1030655.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
7836126
cache-control
max-age=31536000
content-encoding
gzip
content-length
201
content-type
text/html; charset=UTF-8
date
Thu, 17 Oct 2024 18:20:14 GMT
etag
"a5df5c0aa8fb89b080d3d640e0f7688b"
last-modified
Wed, 16 Oct 2024 19:31:29 GMT
server
AmazonS3
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-cf-id
F6TbRUgarVkjLgZ_UbnwRaOuGJE0p_9tFE8TpqY18AwjpxZinsGaZg==
x-amz-cf-pop
FRA60-P4
x-amz-version-id
XZIUO8pHbqIhGTza0vyrBZgPWHsZ5lgj
x-cache
Hit from cloudfront
cookie.js
partner.googleadservices.com/gampad/ 		406 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=xarelto-us-es-1030655.live&client=dp-dotzup27_3ph_js&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&s1abp=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d8b7733adcc8f7a5f8dbe4d06c0d812c19da1ab8f33ccdf97175e00c77dd18cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
251
date
Thu, 16 Jan 2025 11:02:19 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
syndicatedsearch.goog/afs/ Frame C269 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup27_3ph_js&r=m&hl=es&ivt=0&rpbu=https%3A%2F%2Fxarelto-us-es-1030655.live%2Fserp%3Fsc%3DiiiAgHlmKeu420%26ivt%3Dfalse&rpqp=query&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-oo-1715430907199229&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301266%2C72717107&format=r5&nocache=3821737025339689&num=0&output=afd_ads&domain_name=xarelto-us-es-1030655.live&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1737025339689&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=ads&drt=0&jsid=caf&nfp=1&jsv=712519386&rurl=https%3A%2F%2Fxarelto-us-es-1030655.live%2F
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&s1abp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-3s0ikc5kBCNwHegXI8E_2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://xarelto-us-es-1030655.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
3025
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-3s0ikc5kBCNwHegXI8E_2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Thu, 16 Jan 2025 11:02:19 GMT
expires
Thu, 16 Jan 2025 11:02:19 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		220 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.18.10/dpl-search.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fc2acc315b8212ec031feae41c89ba6034fa94e6580f34e454c12460c0ddda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 16 Jan 2025 11:02:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 11:02:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 16 Jan 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
79372
x-xss-protection
0
server
Google Tag Manager
mon
obs.system1onesource.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/mon
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://xarelto-us-es-1030655.live/

Response headers

access-control-allow-origin
https://xarelto-us-es-1030655.live
content-length
0
date
Thu, 16 Jan 2025 11:02:20 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
mon
obs.system1onesource.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/mon
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://xarelto-us-es-1030655.live/

Response headers

access-control-allow-origin
https://xarelto-us-es-1030655.live
content-length
0
date
Thu, 16 Jan 2025 11:02:20 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
dplpxs
soflopxl.com/ 		0
200 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://soflopxl.com/dplpxs
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.18.10/dpl-search.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.251.36.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-36-204.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://xarelto-us-es-1030655.live/

Response headers

expires
Thu, 16 Jan 2025 11:02:19 GMT
cache-control
no-cache
access-control-allow-origin
https://xarelto-us-es-1030655.live
date
Thu, 16 Jan 2025 11:02:20 GMT
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
js
www.googletagmanager.com/gtag/ 		404 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d3ac153cc9d27bb1627a636c4d09897f15714ed83b0841bef5df65c4d945e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 16 Jan 2025 11:02:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 11:02:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134336
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		254 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af66716f2f025a4bedec95b1009ba100a23952112a6ef9f56a3920b96cc6d2ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 16 Jan 2025 11:02:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 11:02:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 16 Jan 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93182
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		268 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-982246529&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c91be3d728cbcbc6bd8fa8fd072e6d6ab0e4fbf72efdbd0ac195adf40bf0daa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 16 Jan 2025 11:02:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 11:02:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 16 Jan 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96774
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		268 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1058340534&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3SP83V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b53f69a24175702ed9f7aefece2454ab3cf5274f63910602c4faa89fe82e74d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 16 Jan 2025 11:02:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 11:02:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 16 Jan 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96778
x-xss-protection
0
server
Google Tag Manager
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1QH44F1BG5&gtm=45je51d0v888902321z8844758514za200zb844758514&_p=1737025339910&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&cid=870104472.1737025341&ul=es-es&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1737025340&sct=1&seg=0&dl=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&dt=xarelto-us-es-1030655.live&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=3325
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://xarelto-us-es-1030655.live
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 11:02:20 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
552 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1QH44F1BG5&cid=870104472.1737025341&gtm=45je51d0v888902321z8844758514za200zb844758514&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://xarelto-us-es-1030655.live
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 11:02:20 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.es/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.es/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1QH44F1BG5&cid=870104472.1737025341&gtm=45je51d0v888902321z8844758514za200zb844758514&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&z=2094077947
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=325278352.1737025341&dt=xarelto-us-es-1030655.live&auid=296227912.1737025341&navt=n&npa=1&gtm=45be51d0za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&tft=1737025340694&tfd=3348&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers
/
www.googleadservices.com/pagead/conversion/932435890/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/932435890/?random=1737025340697&cv=11&fst=1737025340697&bg=ffffff&guid=ON&async=1&gtm=45be51d0za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a09933211c3e20e2e0f8aa5558f9cf597d16cf3520e278d784f40259412d9ce3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2587
date
Thu, 16 Jan 2025 11:02:20 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
/
www.googleadservices.com/pagead/conversion/982246529/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/982246529/?random=1737025340732&cv=11&fst=1737025340732&bg=ffffff&guid=ON&async=1&gtm=45be51d0v868528064za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
bb8cae18ef6a21ab8fb9288cc2e3c13c000b3a3c09e6059673f01392217d9a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2626
date
Thu, 16 Jan 2025 11:02:20 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
/
www.googleadservices.com/pagead/conversion/1058340534/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1058340534/?random=1737025340753&cv=11&fst=1737025340753&bg=ffffff&guid=ON&async=1&gtm=45be51d0v9100102812za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ae787857122658bba058de70864e7aa94e296369f565365473ab8a5cb98932f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2619
date
Thu, 16 Jan 2025 11:02:20 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
sw_iframe.html
www.googletagmanager.com/static/service_worker/51f0/ Frame AFC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/51f0/sw_iframe.html?origin=https%3A%2F%2Fxarelto-us-es-1030655.live
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jan 2025 11:02:20 GMT
expires
Fri, 16 Jan 2026 11:02:20 GMT
last-modified
Wed, 15 Jan 2025 10:08:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.es/pagead/1p-conversion/932435890/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=844219279&cv=11&fst=1737025340697&bg=ffffff&guid=ON&async=1&gtm=45be51d0za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=...
  • https://www.google.com/pagead/1p-conversion/932435890/?random=844219279&cv=11&fst=1737025340697&bg=ffffff&guid=ON&async=1&gtm=45be51d0za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp...
  • https://www.google.es/pagead/1p-conversion/932435890/?random=844219279&cv=11&fst=1737025340697&bg=ffffff&guid=ON&async=1&gtm=45be51d0za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.es/pagead/1p-conversion/932435890/?random=844219279&cv=11&fst=1737025340697&bg=ffffff&guid=ON&async=1&gtm=45be51d0za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIq56a04v6igMV7JWDBx27hD1ZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjdVTzl0dW5acmVyUGFMaFRMZnpGcGZvYVpObGJ4cjhHMVBZQ2xKWmJsdG5GLXJPNkpoRGF3&is_vtc=1&cid=CAQSKQCa7L7dJ9AhWrCeaAfWXaaGr2_0ERzZTruA_6AFV0BCoHBVsObaCifC&random=915455774&ipr=y
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H3
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:21 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.es/pagead/1p-conversion/932435890/?random=844219279&cv=11&fst=1737025340697&bg=ffffff&guid=ON&async=1&gtm=45be51d0za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQJKJ2V2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIq56a04v6igMV7JWDBx27hD1ZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjdVTzl0dW5acmVyUGFMaFRMZnpGcGZvYVpObGJ4cjhHMVBZQ2xKWmJsdG5GLXJPNkpoRGF3&is_vtc=1&cid=CAQSKQCa7L7dJ9AhWrCeaAfWXaaGr2_0ERzZTruA_6AFV0BCoHBVsObaCifC&random=915455774&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.es/pagead/1p-conversion/982246529/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=713380615&cv=11&fst=1737025340732&bg=ffffff&guid=ON&async=1&gtm=45be51d0v868528064za200zb844758514&gcd=13l3l3l2l1l...
  • https://www.google.com/pagead/1p-conversion/982246529/?random=713380615&cv=11&fst=1737025340732&bg=ffffff&guid=ON&async=1&gtm=45be51d0v868528064za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma...
  • https://www.google.es/pagead/1p-conversion/982246529/?random=713380615&cv=11&fst=1737025340732&bg=ffffff&guid=ON&async=1&gtm=45be51d0v868528064za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.es/pagead/1p-conversion/982246529/?random=713380615&cv=11&fst=1737025340732&bg=ffffff&guid=ON&async=1&gtm=45be51d0v868528064za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIo7Gc04v6igMVDpCDBx14mhPGMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjUzUE5YYVZwX1RHZXpvTXd1bHNabzNmemllSldyZDJyYWJocU1oZ1BWNWFHWVlJNlJwUHNN&is_vtc=1&cid=CAQSKQCa7L7dtUJ_jnXImhauTjRkAbROclmyNGgjpFQBH3pKnnDthVSFFCV9&random=2687817380&ipr=y
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H3
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:21 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.es/pagead/1p-conversion/982246529/?random=713380615&cv=11&fst=1737025340732&bg=ffffff&guid=ON&async=1&gtm=45be51d0v868528064za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIo7Gc04v6igMVDpCDBx14mhPGMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjUzUE5YYVZwX1RHZXpvTXd1bHNabzNmemllSldyZDJyYWJocU1oZ1BWNWFHWVlJNlJwUHNN&is_vtc=1&cid=CAQSKQCa7L7dtUJ_jnXImhauTjRkAbROclmyNGgjpFQBH3pKnnDthVSFFCV9&random=2687817380&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.es/pagead/1p-conversion/1058340534/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=1623263060&cv=11&fst=1737025340753&bg=ffffff&guid=ON&async=1&gtm=45be51d0v9100102812za200zb844758514&gcd=13l3l3l2...
  • https://www.google.com/pagead/1p-conversion/1058340534/?random=1623263060&cv=11&fst=1737025340753&bg=ffffff&guid=ON&async=1&gtm=45be51d0v9100102812za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&...
  • https://www.google.es/pagead/1p-conversion/1058340534/?random=1623263060&cv=11&fst=1737025340753&bg=ffffff&guid=ON&async=1&gtm=45be51d0v9100102812za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&d...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.es/pagead/1p-conversion/1058340534/?random=1623263060&cv=11&fst=1737025340753&bg=ffffff&guid=ON&async=1&gtm=45be51d0v9100102812za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIpuWd04v6igMV44-DBx0m-ThfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjZ0bmVqeUdyeXpPMk5Fc2VrcGhNVjR4UHFLNGEydnlhNGxaOEM5M09NcHVwV1VYaHZ6WHVJ&is_vtc=1&cid=CAQSKQCa7L7d-mNkVj5jv6xc-tpRe3ois3IvTOrlYoX9jZge13QjVW6REzmc&random=2406110980&ipr=y
Requested by
Host: xarelto-us-es-1030655.live
URL: https://xarelto-us-es-1030655.live/
Protocol
H3
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:21 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.es/pagead/1p-conversion/1058340534/?random=1623263060&cv=11&fst=1737025340753&bg=ffffff&guid=ON&async=1&gtm=45be51d0v9100102812za200zb844758514&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=xarelto-us-es-1030655.live&gtm_ee=1&npa=1&pscdl=noapi&auid=296227912.1737025341&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkcmxAgjTxbECCOvMsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIpuWd04v6igMV44-DBx0m-ThfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiNodHRwczovL3hhcmVsdG8tdXMtZXMtMTAzMDY1NS5saXZlL0JXQ2hFSWdQbWl2QVlRb0tDejVKTzE5dGFjQVJJc0FGZTJvRjZ0bmVqeUdyeXpPMk5Fc2VrcGhNVjR4UHFLNGEydnlhNGxaOEM5M09NcHVwV1VYaHZ6WHVJ&is_vtc=1&cid=CAQSKQCa7L7d-mNkVj5jv6xc-tpRe3ois3IvTOrlYoX9jZge13QjVW6REzmc&random=2406110980&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 16 Jan 2025 11:02:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dplpxs
soflopxl.com/ 		0
199 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://soflopxl.com/dplpxs
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.18.10/dpl-search.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.251.36.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-36-204.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://xarelto-us-es-1030655.live/

Response headers

expires
Thu, 16 Jan 2025 11:02:20 GMT
cache-control
no-cache
access-control-allow-origin
https://xarelto-us-es-1030655.live
date
Thu, 16 Jan 2025 11:02:21 GMT
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
favicon.ico
xarelto-us-es-1030655.live/ 		0
103 B 		Other
General
Check archive.org
Download Go to
Full URL
https://xarelto-us-es-1030655.live/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

cf-ray
902d9cdeae862fb3-MAD
expires
Thu, 16 Jan 2025 15:02:21 GMT
cache-control
public, max-age=14400
cf-cache-status
MISS
date
Thu, 16 Jan 2025 11:02:21 GMT
vary
Accept-Encoding
server
cloudflare
gen_204
syndicatedsearch.goog/afs/ 		0
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndicatedsearch.goog/afs/gen_204?client=dp-dotzup27_3ph_js&output=uds_ads_only&zx=8kjzutocq87k&aqid=O-eIZ9y_N--hjuwP8OWEyQg&psid=1646507740&pbt=bs&adbx=550&adby=50&adbh=794&adbw=500&adbah=155%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup27_3ph_js&errv=712519386&csala=3%7C0%7C305%7C170%7C34&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-z5nUOttRO9Za_qm2edWm-A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-z5nUOttRO9Za_qm2edWm-A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 16 Jan 2025 11:02:21 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
gws
x-frame-options
SAMEORIGIN
gen_204
syndicatedsearch.goog/afs/ 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndicatedsearch.goog/afs/gen_204?client=dp-dotzup27_3ph_js&output=uds_ads_only&zx=3p46s5iwqkva&aqid=O-eIZ9y_N--hjuwP8OWEyQg&psid=1646507740&pbt=bv&adbx=550&adby=50&adbh=794&adbw=500&adbah=155%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup27_3ph_js&errv=712519386&csala=3%7C0%7C305%7C170%7C34&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-TUvO74VeF-h5LOJB57MVvA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-TUvO74VeF-h5LOJB57MVvA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 16 Jan 2025 11:02:21 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
gws
x-frame-options
SAMEORIGIN
mon
obs.system1onesource.com/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/mon
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://xarelto-us-es-1030655.live/

Response headers

access-control-allow-origin
https://xarelto-us-es-1030655.live
content-length
0
date
Thu, 16 Jan 2025 11:02:22 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
mon
obs.system1onesource.com/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/mon
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://xarelto-us-es-1030655.live/

Response headers

access-control-allow-origin
https://xarelto-us-es-1030655.live
content-length
0
date
Thu, 16 Jan 2025 11:02:24 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1QH44F1BG5&gtm=45je51d0v888902321za200zb844758514&_p=1737025339910&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&cid=870104472.1737025341&ul=es-es&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1737025340&sct=1&seg=0&dl=https%3A%2F%2Fxarelto-us-es-1030655.live%2F&dt=xarelto-us-es-1030655.live&en=scroll&epn.percent_scrolled=90&_et=4&tfd=8332
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QH44F1BG5&l=dataLayer&cx=c&gtm=45He51d0v844758514za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xarelto-us-es-1030655.live/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://xarelto-us-es-1030655.live
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 16 Jan 2025 11:02:25 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xarelto-us-es-1030655.live
URL
blob:https://xarelto-us-es-1030655.live/e80392e8-7bd4-40e6-bbf8-60ebe46d5917
Domain
xarelto-us-es-1030655.live
URL
blob:https://xarelto-us-es-1030655.live/00ce9ede-7ec0-4434-8536-c4a3a7b2bdae

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| __ctcg_ct_28382_exec object| _cq object| dataLayer object| uetq object| webpackChunkfrontend object| React object| ReactDOM function| logHydrationScriptLoadError function| hydrateSSR object| componentScript function| UET function| UET_init function| UET_push object| ueto_3e8f9fe61f object| UISyndication string| onetrustTemplate function| OptanonWrapper object| s1 object| dpls1s string| GoogleAnalyticsObject function| ga number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| google_tag_manager object| google_tag_data string| defaultGaId object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO

18 Cookies

Domain/Path Name / Value
s.flocdn.com/%40s1/dpl/4.18.10 Name: c_cn
Value: c_cn1234
.xarelto-us-es-1030655.live/ Name: __cf_bm
Value: jjHCTDvX5L5ynKAgs3A5mJOMK1GNMAuK_Q2zk1CmdUA-1737025338-1.0.1.1-0.3ZsWp9jVIQkPwHzUmUD3ig4inSbh49sRrfd5nTdEwPjJkyga5QVMOJs7Q4tlGaandwxEX1YO5Kty_yzKKdTA
.xarelto-us-es-1030655.live/ Name: _cfuvid
Value: hoO7FsIPprtW5LUWIqwguFqPs1Kw1WysZz9lRuCXqSM-1737025338065-0.0.1.1-604800000
.xarelto-us-es-1030655.live/ Name: _cq_duid
Value: 1.1737025338.M4mpqBU51CmfE1x2
.xarelto-us-es-1030655.live/ Name: _cq_suid
Value: 1.1737025338.nAMqS2MyIbz3qtnv
obs.system1onesource.com/ Name: cg_uuid
Value: 3b717deef1411683f3e810adbcf50fc1
.xarelto-us-es-1030655.live/ Name: _cq_28382_v
Value: MjgzODJfY3EyMV90
.xarelto-us-es-1030655.live/ Name: _uetsid
Value: 5ac00c60d3f911efb2386f3098f71c34
.xarelto-us-es-1030655.live/ Name: _uetvid
Value: 5abff9f0d3f911efbadd4bfcea411318
.bing.com/ Name: MUID
Value: 2AA803E9BBF86DFE0A41169FBA816C15
.xarelto-us-es-1030655.live/ Name: __gsas
Value: ID=1d0ccaa4d0a2c9ca:T=1737025339:RT=1737025339:S=ALNI_MY66VfahdUhz6aDhGqY2cT8FhlHBA
.s.flocdn.com/ Name: _ga
Value: GA1.3.60424450.1737025340
.s.flocdn.com/ Name: _gid
Value: GA1.3.393145940.1737025340
.s.flocdn.com/ Name: _gat
Value: 1
.xarelto-us-es-1030655.live/ Name: _ga
Value: GA1.1.870104472.1737025341
.xarelto-us-es-1030655.live/ Name: _ga_1QH44F1BG5
Value: GS1.1.1737025340.1.0.1737025340.60.0.0
.xarelto-us-es-1030655.live/ Name: _gcl_au
Value: 1.1.296227912.1737025341
.doubleclick.net/ Name: IDE
Value: AHWqTUmZK7x0We6BaejhcAItngeUtlJpJyvuzF1yR5HulbHTEG5np8Yn4t5mHkqj

2 Console Messages

Source Level URL
Text
rendering warning URL: https://xarelto-us-es-1030655.live/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F0020B3C250000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
worker verbose URL: blob:https://xarelto-us-es-1030655.live/e80392e8-7bd4-40e6-bbf8-60ebe46d5917(Line 1)
Message:
Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
googleads.g.doubleclick.net
ob.system1onesource.com
obs.system1onesource.com
partner.googleadservices.com
region1.analytics.google.com
s.flocdn.com
soflopxl.com
stats.g.doubleclick.net
syndicatedsearch.goog
www.google.com
www.google.es
www.googleadservices.com
www.googletagmanager.com
xarelto-us-es-1030655.live
xarelto-us-es-1030655.live
104.17.157.1
142.250.181.226
142.250.184.228
142.250.186.99
172.217.18.2
18.66.147.102
18.66.147.19
2001:4860:4802:34::36
216.58.206.34
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:206f:c000:e:52c5:2040:93a1
2620:1ec:33:3::10
2a00:1450:4001:80b::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:400c:c00::9d
3.251.36.204
1ed80c2416cb9f1734b9d9371c12761f9a0102d00ca0b96af77e1cb319cad6fd
1fc2acc315b8212ec031feae41c89ba6034fa94e6580f34e454c12460c0ddda4
23fbe2ab93951b6aadaec00ce44dab33995fba1e1d5c2e18e494b1d82ce6748e
2b53f69a24175702ed9f7aefece2454ab3cf5274f63910602c4faa89fe82e74d
2d3ac153cc9d27bb1627a636c4d09897f15714ed83b0841bef5df65c4d945e81
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0
7c67c4fa052eb50d3a0ba0550f9d91bd0375015f94b6d545e943d1f54754153d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9
a09933211c3e20e2e0f8aa5558f9cf597d16cf3520e278d784f40259412d9ce3
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ae787857122658bba058de70864e7aa94e296369f565365473ab8a5cb98932f5
af66716f2f025a4bedec95b1009ba100a23952112a6ef9f56a3920b96cc6d2ce
b24f701006a0a5fdade11216c5400504cd074ccbce86884fa9cd2aa7ad75cee5
bb8cae18ef6a21ab8fb9288cc2e3c13c000b3a3c09e6059673f01392217d9a78
bcda6149a255f64a24f2ac7f45d1e4f9f3be4e21954aaa76dd93177d0a00af1f
c4f26dcadef4155163bcd7188541ca0be0c9292542dc25b822c8359b7e7c20ee
c91be3d728cbcbc6bd8fa8fd072e6d6ab0e4fbf72efdbd0ac195adf40bf0daa5
d18ad0a9c651ba3eb481c46b73e56defe75b0d9ee446dfb7672d2fd4b23ce306
d8b7733adcc8f7a5f8dbe4d06c0d812c19da1ab8f33ccdf97175e00c77dd18cb
e2350d26ef77e2164f5869f85c6923d954ac90af8033b61af9948bb11f6f1091
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629